• 15
name

A PHP Error was encountered

Severity: Notice

Message: Undefined index: userid

Filename: views/question.php

Line Number: 191

Backtrace:

File: /home/prodcxja/public_html/questions/application/views/question.php
Line: 191
Function: _error_handler

File: /home/prodcxja/public_html/questions/application/controllers/Questions.php
Line: 433
Function: view

File: /home/prodcxja/public_html/questions/index.php
Line: 315
Function: require_once

name Punditsdkoslkdosdkoskdo

PEM files and what to do with them

My certificate issuing authority has provided me with 5 PEM files. 3 of these are part of a chain. One of the files is all 3 chain files as a single file.

The fifth file appears to be the certificate itself.

The application I'm using was looking for a .key file and a .cert or .crt file. I was able to use openSSL to make .crt file version of all the pem files. Do I also need a .key version? Id so, where do I install the various certificate files? Are filenames important?

There are 2 ways that programs will typically deal with SSL certificates: some apps expect the private key and the certificate to be in the same file, and others expect them in separate files. Many will allow both, with the certificate (with optional key as well) as a required option, and specifying the key in a separate file as an optional input.

Most will also have a separate input for the CA chain; this would be where you use file #4 in your list. Some can take a directory instead of a chain file; you would put files #1-3 in there. (Some also expect the filenames of these to be a hash of the certificate's DN).

Naming the files as .crt or .key is largely for your own sanity; most programs don't care. As long as you're giving the program the input format it expects (PEM is the most common; DER and PKCS7 are less common) it should be OK. (Windows is a little pickier; it likes the extensions .crt for PEM-format certificates with keys, and .pfx or .p12 for PKCS12-format client certs).

  • 1
Reply Report

Trending Tags