This chapter provides some background on certificates.
Certificates are often known as X.509 certificates, since X.509 is the standard that defines their content and layout. The commonest algorithms for creating public and private key pairs are RSA and DSA, and keys are often referred to as RSA keys or DSA keys. None of these standards, however, defines the format of the file in which a certificate or key is held. There are many rival formats for these files. Some of the commonest standard formats are:
You must never edit the encoded contents of a certificate or key file. A certificate carries the issuing CA's signature over its contents, so if you change anything within the encoded data, any SSL software examining the certificate to authenticate your identity will find that the signature no longer verifies and will reject the certificate as invalid. Descriptive text that some tools place outside the BEGIN and END lines is not part of the signed data and may be removed; see below.
A key file can be protected by its own pass phrase, which encrypts the private key it contains, and you should always set one when a private key is stored on disk. A certificate on its own holds only public data and needs no pass phrase, but a file that bundles a certificate with its private key (such as a PKCS#12 file) should be pass phrase protected in the same way. The pass phrase prevents anyone who obtains the file, including certificate and key management tools run by another user, from reading the private key without it.
You can rename and copy a file containing a certificate, and it is good practice to use the filename extension appropriate to the format, to avoid confusion. You can also split a file that contains multiple PEM format certificates, but take care not to change or break up the data between the start and end lines of any of the certificates. See Multiple Certificates in One File.
To convert a DER-encoded PKCS#7 certificate file (such as a .p7b file) into PEM certificates, use openssl.exe as follows. The -text option writes a human-readable description of each certificate before its PEM block; omit it if you want the PEM data only:
openssl pkcs7 -inform DER -in filename.p7b -text -print_certs -out outfilename.pem
For example:
openssl pkcs7 -inform DER -in IECert.p7b -text -print_certs -out IECert.pem
When handling many certificates in one file, the descriptive text produced by -text can take a great deal of space. In these circumstances you may wish to omit it (run the command without -text), but this is not recommended for normal use because it makes the certificates harder to handle: their content is no longer immediately viewable.
Some applications do not accept X509v3 certificates when a text description accompanies them in the certificate file. For most applications you can overcome this by editing the file to remove the text sections, but take care to leave intact everything from the line beginning the base64-encoded certificate data (-----BEGIN CERTIFICATE-----) to the line terminating it (-----END CERTIFICATE-----), inclusive. Alternatively, regenerate the file without the -text option.
To convert PEM to PKCS#12, either from a single PEM file holding both the certificate and its private key:
openssl pkcs12 -export -in pem-cert-and-key-file -out pkcs12-cert-and-key-file
or from separate certificate and key files:
openssl pkcs12 -export -in pem-cert-file -inkey pem-key-file -out pkcs12-cert-and-key-file
Both these commands put the certificate and private key into one file. Because the file then contains the private key, you should apply a pass phrase to it: openssl prompts for an export password, and you should not leave it empty. If the PEM key is itself pass phrase protected, you are prompted for that pass phrase first.
To convert PKCS#12 to PEM:
openssl pkcs12 -in pkcs-12-cert-and-key-file -out pem-cert-and-key-file
You are prompted for the import password of the PKCS#12 file and then for a pass phrase to protect the private key in the PEM output. Add -nodes only if you really want the key written unencrypted.
To convert a private key between PEM and DER encodings, use the dsa or rsa command according to the key type. PEM to DER:
openssl dsa -inform PEM -outform DER -in pem-file -out der-file
openssl rsa -inform PEM -outform DER -in pem-file -out der-file
DER to PEM:
openssl dsa -inform DER -outform PEM -in der-file -out pem-file
openssl rsa -inform DER -outform PEM -in der-file -out pem-file
If the PEM key is pass phrase protected you are prompted for the pass phrase. The DER output is always written unencrypted, so protect the resulting file accordingly; when converting back to PEM, add an encryption option such as -aes256 if you want the PEM key pass phrase protected again.
Normally there is only one certificate in a file. OpenSSL generally assumes this is the case, so it ignores any after the first when handling server and client certificates.
However, a file can contain multiple PEM or PKCS#7 format certificates. This is useful for storing a bundle of the root certificates of the CAs you trust, or a certificate verification chain. Whether such a bundle can be used directly depends on the application: OpenSSL itself accepts a PEM bundle as a trusted CA file (for example with openssl verify -CAfile), but an application that expects one certificate per file needs the bundle split into one file per certificate.
You can split the file using a text editor, but take care not to change the data for each individual certificate. Each certificate takes the following format and is terminated by the END CERTIFICATE line:
optional-header-info
-----BEGIN optional-text CERTIFICATE-----
...
-----END optional-text CERTIFICATE-----
As long as you do not change or break up the data between the BEGIN and END lines, the certificate itself is complete. A certificate is useless unless it retains, byte for byte, the encoding that was signed when it was issued: the signature covers the encoded data, so any change, including a dropped or re-wrapped line, makes it fail verification.
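The editing advice above (remove the descriptive text, never touch the data between the BEGIN and END lines) and the splitting procedure can both be done mechanically. The following Python script is an added example, not code from Micro Focus or from OpenSSL: it splits a bundle into one PEM block per certificate, discards everything outside the markers, and runs a cheap integrity check on each block (valid base64 that decodes to a DER SEQUENCE whose declared length matches the bytes present), which catches a block that lost a line during editing. It does not verify signatures. The bundle it runs on is constructed inline from toy DER blobs, not real certificates, and the descriptive lines imitating -text output are made up for the example.

```python
"""Split a PEM certificate bundle (for example the output of
'openssl pkcs7 -print_certs -text') into one certificate per block, drop
the descriptive text outside the markers, and sanity-check every block.
Added example, not Micro Focus or OpenSSL code; the bundle at the bottom is
constructed from toy DER blobs, not real certificates."""
import base64
import binascii
import re

# One PEM certificate block. The label may carry optional words before
# CERTIFICATE (e.g. "TRUSTED CERTIFICATE"); the END label must match it.
_BLOCK_RE = re.compile(
    r"^-----BEGIN ((?:[A-Z0-9]+ )*CERTIFICATE)-----[ \t]*\r?\n"
    r"(.*?)"
    r"^-----END \1-----[ \t]*$",
    re.DOTALL | re.MULTILINE,
)


def split_pem_bundle(text):
    """Return [(label, pem_text)] for every block: marker lines and base64
    body kept exactly as found, everything outside the markers discarded."""
    return [(m.group(1), m.group(0).rstrip("\r\n") + "\n")
            for m in _BLOCK_RE.finditer(text)]


def _der_sequence_length(der):
    """Parse the outer DER SEQUENCE header; return (header_len, content_len)
    or None if the bytes do not start with a SEQUENCE tag (0x30)."""
    if len(der) < 2 or der[0] != 0x30:
        return None
    first = der[1]
    if first < 0x80:                       # short-form length
        return 2, first
    n = first & 0x7F                       # long form: n length bytes follow
    if n == 0 or n > 4 or len(der) < 2 + n:
        return None
    return 2 + n, int.from_bytes(der[2:2 + n], "big")


def check_pem_certificate(pem):
    """Cheap integrity check, no signature verification: the body must be
    valid base64 that decodes to a DER SEQUENCE whose declared length equals
    the bytes present. A block that lost or gained a line during hand
    editing fails here. Returns (ok, reason)."""
    m = _BLOCK_RE.search(pem)
    if not m:
        return False, "no matching BEGIN/END CERTIFICATE markers"
    body = "".join(m.group(2).split())
    try:
        der = base64.b64decode(body, validate=True)
    except (binascii.Error, ValueError) as exc:
        return False, f"body is not valid base64: {exc}"
    hdr = _der_sequence_length(der)
    if hdr is None:
        return False, "decoded data is not a DER SEQUENCE"
    expected = hdr[0] + hdr[1]
    if expected != len(der):
        return False, f"DER length mismatch: header says {expected} bytes, got {len(der)}"
    return True, f"{len(der)} bytes of DER"


# --- constructed sample input (not real certificates) -----------------------

def _toy_der(payload):
    """Stand-in for a DER certificate: SEQUENCE { OCTET STRING payload }.
    Real certificates are far larger but start with the same SEQUENCE tag."""
    inner = bytes([0x04, len(payload)]) + payload          # payload < 128 bytes
    return bytes([0x30, len(inner)]) + inner


def _pem_block(label, der, drop_line=None):
    """PEM-encode der with 64-character lines; drop_line removes one body
    line to simulate a block broken while editing the file by hand."""
    b64 = base64.b64encode(der).decode()
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    if drop_line is not None:
        del lines[drop_line]
    return f"-----BEGIN {label}-----\n" + "\n".join(lines) + f"\n-----END {label}-----\n"


SAMPLE_BUNDLE = (
    "Certificate:\n    Data:\n        Version: 3 (0x2)\n"
    "        Subject: CN=example-root\n"                    # imitates -text output
    + _pem_block("CERTIFICATE", _toy_der(b"R" * 100))
    + "subject=CN=example-intermediate\nissuer=CN=example-root\n"
    + _pem_block("TRUSTED CERTIFICATE", _toy_der(b"I" * 100))
    + "subject=CN=damaged\n"
    + _pem_block("CERTIFICATE", _toy_der(b"D" * 100), drop_line=1)
)

if __name__ == "__main__":
    for i, (label, pem) in enumerate(split_pem_bundle(SAMPLE_BUNDLE), 1):
        ok, why = check_pem_certificate(pem)
        print(f"cert{i}.pem [{label}]: {'OK' if ok else 'BROKEN'} - {why}")
        # write each pem string to cert{i}.pem to get one file per certificate
```

The third block in the sample is deliberately missing a line: it still looks like a certificate and still decodes as base64, but the DER length in its header no longer matches the data, which is exactly the kind of damage a careless edit produces and a signature check would later reject. Running the length check before handing a split file to an application saves a confusing failure further down the line.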
Copyright © 2009 Micro Focus (IP) Ltd. All rights reserved.