How to create a PEM file from your SSL certificates

1 Star2 Stars3 Stars4 Stars5 Stars (2 votes, average: 5.00 out of 5)
Loading...

PEM files are oftentimes required by servers

SSL certificates have several different file formats. What works for one server might not work for another. Fortunately, I’m here to help you figure out how to turn your SSL certificate files into a .PEM file.

A .PEM file is sometimes referred to as a concatenated certificate container file. Concatenated is a five dollar word if I’ve ever heard one. But don’t let it distract you, all it means is that all of the certificates in the chain need to be combined into a single file.

It’s always amazed me that something as complicated as encrypting a connection between a web server and a client can be facilitated by a file that you copy and pasted into a text editor. Think about that for a second the next time your IT guys complains to you about the certificate file being the wrong format. You literally train a chimpanzee to concatenate a certificate file.

How to Concatenate your entire SSL certificate trust chain into a .PEM file

Ok, stay with me because this is practically rocket science. Take the SSL certificate that your CA sent you and open it in a text editor.

Ok, a quick aside, do not use Microsoft Word, Word Processor or any other program that autocorrects. Use Notepad or whatever hemp-wearing, literary safe space that Apple offers as Notepad’s alternative.

Now, take the SSL certificate you just opened in Notepad, copy and paste the whole thing (even the Begin and End certificate prompt at the five dashes on either side of them) into a new Notepad document.

If your SSL certificate came with an intermediate, download it, open it in notepad and do the same thing, even down to the prompts and dashes.

Now, finally, download the root certificate and follow the same procedure, opening it in notepad, copying the entire file (dashes and all) and pasting it in the new text file with the other certificates.

This should be the sequence:

—–BEGIN CERTIFICATE—–
(Your Primary SSL certificate)
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
(Your Intermediate certificate)
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
(Your Root certificate)
—–END CERTIFICATE—–

Great, now save the file as “Whatever_you_want.pem”

How to Concatenate your Server and Intermediate certificates

Similar to the last section, you’re going to be opening the files you need in a text editor and copy/pasting them into a new document. The order should be:

—–BEGIN CERTIFICATE—–
(Your Primary SSL certificate)
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
(Your Intermediate certificate)
—–END CERTIFICATE—–

Once again, save the file as “Something_You’ll_Remember.pem”

How to Concatenate your Private key and Trust Chain

Once again, the method is the same for this procedure – copy/pasting certificate files in the correct order into a new notepad document – but adding the Private Key means you’ll now potentially be combining four files.

The private key goes first, then you can revert to the order we have used in the other procedures: End User Cert, Intermediate, Root.

It should look like this:

—–BEGIN RSA PRIVATE KEY—–
(Your Private Key)
—–END RSA PRIVATE KEY—–
—–BEGIN CERTIFICATE—–
(Your Primary SSL certificate)
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
(Your Intermediate certificate)
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
(Your Root certificate)
—–END CERTIFICATE—–

Now just save the file with a .pem extension and you’re good to go!

Stay cautious, my friends.

 

The Most Inexpensive SSL Certificates

RapidSSL Logo

Assure the better SSL security for a website. Implement the trusted SSL certificate from SSL brands like RapidSSL and GeoTrust.

 

Leave a Reply

Your email address will not be published. Required fields are marked *