Download, install, and generate PEM/CRT/KEY files using OpenSSL

Topic

Download, Install, and Generate PEM/CRT/KEY files using OpenSSL.

Instructions

1. Download and install the following OpenSSL EXE file (other methods may be available; feel free to use them instead).
   Link: Win32/Win64 OpenSSL Installer for Windows - Shining Light Productions

   

2. After installation, double-click the installation file and follow the installation process. At the following screen, select the highlighted option: The OpenSSL binaries (/bin) directory.

   

    

3. After completing the installation, navigate to the following folder: C:\Program Files\OpenSSL-Win64\bin
4. Copy and paste the PFX file here for easy navigation to the certificate file.
5. Next, right-click and run openssl.exe as an administrator.

   

    

6. Type the command below to generate a .txt file:
   pkcs12 -in C:\PathToThePFXfile\myPFXfileName.pfx -out certificate.txt -nodes
   The PFX file is in the same bin folder in this case below. Execute the command as shown.
7. After entering the command above, you will be asked for a password at the command prompt. Copy and paste it from the text file shown in earlier steps.

   

    

8. After executing the command above,  it will generate a certificate.txt file in the same directory.
9. Open this file in Notepad++.

   

10. After opening the file, you will be able to see the following pattern 5 times:
    ----- Begin Certificate -----

loremipsum loremipsum

loremipsum loremipsum

loremipsum loremipsum

----- End Certificate -----
11. These are the patterns that are required for PD installations, as explained in the next step.
12. These patterns will create the PEM/CRT/KEY files:
    The first pattern mentioned in step 12 is the CRT file; copy only that pattern and save it in a new text file as certificate.pem and certificate.crt.

    

    
    The last or fifth pattern mentioned in step 12 is the KEY file. Copy only that pattern and save it in a new text file as key.pem and key.key.
    The remaining or second, third, and fourth pattern mentioned in step 12 is the ca-bundle file. Copy only those patterns as shown below:
    ----begin certificate-----

xyzzyz

-----end certificate ------

----begin certificate-----

xyzzyz

-----end certificate ------

----begin certificate-----

xyzzyz

-----end certificate ------
13. Save it in a new text file as ca-bundle.pem.
14. Now, you have generated all required PEM/CRT/KEY files for SSL configuration. You can name the files as appropriate for your environment: