x509

Possible Duplicate: How to get .pem file from .key and .crt files? How can I convert .crt to .pem? MrEyes You can do this conversion with the OpenSSL library http://www.openssl.org/ Windows binaries can be found here: http://www.slproweb.com/products/Win32OpenSSL.html Once you have the library installed, the command you need to issue is: openssl x509 -in mycert.crt -out mycert.pem -outform PEM NeilG I found the OpenSSL answer given above didn't work for me, but the following did, working with a CRT file sourced from windows. openssl x509 -inform DER -in yourdownloaded.crt -out outcert.pem

I am using a SslServerSocket and client certificates and want to extract the CN from the SubjectDN from the client's X509Certificate . At the moment I call cert.getSubjectX500Principal().getName() but this of course gives me the total formatted DN of the client. For some reason I am just interested in the CN=theclient part of the DN. Is there a way to extract this part of the DN without parsing the String myself? gtrak Here's some code for the new non-deprecated BouncyCastle API. You'll need both bcmail and bcprov distributions. X509Certificate cert = ...; X500Name x500name = new

I am writing a small piece of code which reads public and private key stored in .pem file. I am using the following commands to generate the keys. Below command to generate pair of key. $openssl genrsa -out mykey.pem 2048 This command to generate the private key $openssl pkcs8 -topk8 -inform PEM -outform PEM -in mykey.pem \ -out private_key.pem -nocrypt and this command to get the public key. $ openssl rsa -in mykey.pem -pubout -outform DER -out public_key.der I have written two methods which reads the private key and public key respectively. public PrivateKey getPemPrivateKey(String filename,

I am trying to generate a self-signed certificate with OpenSSL with SubjectAltName in it.While I am generating the csr for the certificate, my guess is I have to use v3 extensions of OpenSSL x509. I am using : openssl req -new -x509 -v3 -key private.key -out certificate.pem -days 730 Can someone help me with the exact syntax? jww Can someone help me with the exact syntax? Its a three step process, and it involves modifying openssl.cnf file. You might be able to do it with only command line options, but I don't do it that way. Find your openssl.cnf file. It is likely located in /usr/lib/ssl