Rate this article: (8 votes, average: 3.63)
After years of push by the browser and security communities, ordinary website owners have finally realized the importance of an SSL/TLS certificate. As a result, most website owners get an SSL certificate as soon as they build their website. But many are new to this territory, and could get hung up on some of the complexities of the cybersecurity world. One of those complexities could be the PEM certificate file. Therefore, in this post, we’ll be discussing what a PEM certificate file is and how you can create one.
Tip: You can typically save a significant amount by buying your SSL certificate direct instead of through your web hosting company. We sell all Comodo single domain SSL certificates at up to 85% off.Shop for Single Domain SSL Certificates
Before we answer this question, let us tell you something. When you purchase a security certificate (typically, an SSL certificate), your certificate authority is supposed to send you the certificate – which is nothing but a bunch of files that includes a CA server certificate, intermediate certificate, and the private key. Usually, these files are encoded in a single file — “container,” as some call it – and sent through email. PEM (privacy enhanced mail) is one such container file type.
PEM is a container format for digital certificates and keys, most notably used by Apache and other web server platforms. In simpler words, it’s a file extension of a file that contains a bunch of certificate files. A PEM file is often used for X.509 certificates, and it’s a text file that consists of Base64 encoding of the certificate text, a plain-text header, and footer marking the beginning and end of the certificate. Here’s what it looks like:
-----BEGIN PRIVATE KEY----- MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDBj08sp5++4anG cmQxJjAkBgNVBAoTHVByb2dyZXNzIFNvZnR3YXJlIENvcnBvcmF0aW9uMSAwHgYD VQQDDBcqLmF3cy10ZXN0LnByb2dyZXNzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD ... bml6YXRpb252YWxzaGEyZzIuY3JsMIGgBggrBgEFBQcBAQSBkzCBkDBNBggrBgEF BQcwAoZBaHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLmNvbS9jYWNlcnQvZ3Nvcmdh z3P668YfhUbKdRF6S42Cg6zn -----END PRIVATE KEY-----
-----BEGIN CERTIFICATE----- MIIFaDCCBFCgAwIBAgISESHkvZFwK9Qz0KsXD3x8p44aMA0GCSqGSIb3DQEBCwUA VQQDDBcqLmF3cy10ZXN0LnByb2dyZXNzLmNvbTCCASIwDQYJKoZIhvcNAQEBBQAD ggEPADCCAQoCggEBAMGPTyynn77hqcYnjWsMwOZDzdhVFY93s2OJntMbuKTHn39B ... bml6YXRpb252YWxzaGEyZzIuY3JsMIGgBggrBgEFBQcBAQSBkzCBkDBNBggrBgEF BQcwAoZBaHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLmNvbS9jYWNlcnQvZ3Nvcmdh bml6YXRpb252YWxzaGEyZzJyMS5jcnQwPwYIKwYBBQUHMAGGM2h0dHA6Ly9vY3Nw lffygD5IymCSuuDim4qB/9bh7oi37heJ4ObpBIzroPUOthbG4gv/5blW3Dc= -----END CERTIFICATE-----
-----BEGIN CERTIFICATE----- MIIEaTCCA1GgAwIBAgILBAAAAAABRE7wQkcwDQYJKoZIhvcNAQELBQAwVzELMAkG C33JiJ1Pi/D4nGyMVTXbv/Kz6vvjVudKRtkTIso21ZvBqOOWQ5PyDLzm+ebomchj SHh/VzZpGhkdWtHUfcKc1H/hgBKueuqI6lfYygoKOhJJomIZeg0k9zfrtHOSewUj ... dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMDMGA1UdHwQsMCow KKAmoCSGImh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5uZXQvcm9vdC5jcmwwPQYIKwYB K1pp74P1S8SqtCr4fKGxhZSM9AyHDPSsQPhZSZg= -----END CERTIFICATE-----
-----BEGIN CERTIFICATE----- MIIDdTCCAl2gAwIBAgILBAAAAAABFUtaw5QwDQYJKoZIhvcNAQEFBQAwVzELMAkG YWxTaWduIG52LXNhMRAwDgYDVQQLEwdSb290IENBMRswGQYDVQQDExJHbG9iYWxT aWduIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDaDuaZ ... jc6j40+Kfvvxi4Mla+pIH/EqsLmVEQS98GPR4mdmzxzdzxtIK+6NiY6arymAZavp 38NflNUVyRRBnMRddWQVDf9VMOyGj/8N7yy5Y0b2qvzfvGn9LhJIZJrglfCm7ymP HMUfpIBvFSDJ3gyICh3WZlXi/EjJKSZp4A== -----END CERTIFICATE-----
Like some people, some servers also can be demanding. If your server is one of them and is asking you for a PEM file, then there’s no option but to meet its demand. But no need to worry as creating a PEM certificate file is as smooth as pie. Follow the below steps to do so:
-----BEGIN RSA PRIVATE KEY----- (Your Private Key) -----END RSA PRIVATE KEY----- -----BEGIN CERTIFICATE----- (Your Primary SSL certificate) -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- (Your Intermediate certificate) -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- (Your Root certificate) -----END CERTIFICATE-----
3. Finally, save the file as your_domain_name.pem.
Congratulations! You just created a PEM certificate file on your own. Smooth as a pie, wasn’t it?