Converting a PFX certificate to the PEM format

To use a PFX certificate in Kaspersky Security Center 13 Web Console, you must first convert it to the PEM format by using any convenient OpenSSL-based cross-platform utility (for more information, refer to the OpenSSL website).

To convert a PFX certificate to the PEM format in Windows operating system:

1. In an OpenSSL-based cross-platform utility, execute the following commands:

   openssl pkcs12 -in <filename.pfx> -clcerts -nokeys -out certificate.crt

   openssl pkcs12 -in <filename.pfx> -nocerts -nodes -out private.key

2. Make sure that the certificate file and the private key are generated to the same folder where the .pfx file is stored.
3. If the certificate file or the private key contains the bag attributes, delete these attributes using any convenient text editing software and save the file.

The certificate file in PEM format and the private key file are ready to use, so you can specify them in the Kaspersky Security Center 13 Web Console installer.

To convert a PFX certificate to the PEM format in Linux operating system:

1. In an OpenSSL-based cross-platform utility, execute the following commands:

   openssl pkcs12 -in <filename.pfx> -nocerts -nodes | sed -ne '/-BEGIN PRIVATE KEY-/,/-END PRIVATE KEY-/p' > private.key

   openssl pkcs12 -in <filename.pfx> -clcerts -nokeys | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > certificate.crt

2. Make sure that the certificate file and the private key are generated to the same directory where the .pfx file is stored.

The certificate file in PEM format and the private key file are ready to use, so you can specify them in the Kaspersky Security Center 13 Web Console installer.

Page top