Topic
Download, Install, and Generate PEM/CRT/KEY files using OpenSSL.
Instructions
- Download and install the following OpenSSL EXE file (other methods may be available; feel free to use them instead).
Link: Win32/Win64 OpenSSL Installer for Windows - Shining Light Productions - After installation, double-click the installation file and follow the installation process. At the following screen, select the highlighted option: The OpenSSL binaries (/bin) directory.
- After completing the installation, navigate to the following folder:
C:\Program Files\OpenSSL-Win64\bin
- Copy and paste the PFX file here for easy navigation to the certificate file.
- Next, right-click and run openssl.exe as an administrator.
- Type the command below to generate a .txt file:
pkcs12 -in C:\PathToThePFXfile\myPFXfileName.pfx -out certificate.txt -nodes
The PFX file is in the same bin folder in this case below. Execute the command as shown. - After entering the command above, you will be asked for a password at the command prompt. Copy and paste it from the text file shown in earlier steps.
- After executing the command above, it will generate a certificate.txt file in the same directory.
- Open this file in Notepad++.
- After opening the file, you will be able to see the following pattern 5 times:
----- Begin Certificate -----
loremipsum loremipsum
loremipsum loremipsum
loremipsum loremipsum
----- End Certificate ----- - These are the patterns that are required for PD installations, as explained in the next step.
- These patterns will create the PEM/CRT/KEY files:
The first pattern mentioned in step 12 is the CRT file; copy only that pattern and save it in a new text file as certificate.pem and certificate.crt.
The last or fifth pattern mentioned in step 12 is the KEY file. Copy only that pattern and save it in a new text file as key.pem and key.key.
The remaining or second, third, and fourth pattern mentioned in step 12 is the ca-bundle file. Copy only those patterns as shown below:----begin certificate-----
xyzzyz
-----end certificate ------
----begin certificate-----
xyzzyz
-----end certificate ------
----begin certificate-----
xyzzyz
-----end certificate ------ - Save it in a new text file as ca-bundle.pem.
- Now, you have generated all required PEM/CRT/KEY files for SSL configuration. You can name the files as appropriate for your environment: