How to Convert DER Encoded Certificates to PEM

DALL-E developer in his desk with macos terminal decoding certificate files

A DER-encoded certificate can be transformed into an ASCII (Base64) encoded certificate using OpenSSL. A DER-encoded certificate cannot be read as plain text (unlike a PEM-encoded certificate). DER-encoded certificates typically have the file extensions.DER,.CRT, or.CER.

In the event that a PEM-encoded certificate also has the.CRT or.CER file extension, you can simply copy the file to a new name using the.PEM extension:

$ cp hostname.cer and hostname.pem

Use OpenSSL to convert a DER-encoded certificate to PEM:

How to Decrypt an RSA Private Key Using OpenSSL

Laptop with encryted code - Markus Spiske

When installing a SSL certificate with a private key that is encrypted with a passphrase, you must decrypt the private key first. You can identify whether a private key is encrypted or not by opening the private key (.key or .pem file) using a text editor or command line. You should see the text ENCRYPTED if the private key is encrypted.