OPNsense Forum
Archive => 18.1 Legacy Series => Topic started by: SteveK on February 15, 2018, 11:57:35 am
-
Hi,
I have implemented an internal CA and an intermediate CA...and everything works fine with the generated internal server certificates :).
Trying to configure a switch for HTTPS, I found out that it needs a BASE64 certificate. When an internal certificate is created, then there are a .crt, a .key, and a .p12 files that can be downloaded. How can I generate a BASE64 certificate and key (?!) using those files?
Regards,
Steve
-
What Base64 certificate? There are different formats of certificates like DER and PEM where the content between the delimiters in PEM is Base64 encoded.
OpenSSL can convert between the formats.
-
The only info that I found so far is...the certificate and private keys must be in RSA PEM format.
Would these be the right commands for converting?
openssl rsa -in switch1.key -outform PEM -out switch1.crt.pem
openssl x509 -in switch1.crt -outform PEM -out switch1.key.pem
-
Both the .crt and the .key file are in the correct (PEM) format, which as Fabian has pointed out, uses Base64 encoding.
Bart...
-
The only info that I found so far is...the certificate and private keys must be in RSA PEM format.
Would these be the right commands for converting?
openssl rsa -in switch1.key -outform PEM -out switch1.crt.pem
openssl x509 -in switch1.crt -outform PEM -out switch1.key.pem
You may need "-inform DER" to make it working if your key is in DER format but OpenSSL will tell you if it tries to use the wrong format.
-
It worked with the PEM!
And the correct command were:
openssl x509 -in sw1.crt -outform PEM -out sw1.crt.pem
openssl rsa -in sw1.key -outform PEM -out sw1.key.pem
Thanks for the help!