Novell Home

My Favorites

Close

Please to see your favorites.

How to create a .pem File for SSL Certificate Installations

This document (7013103) is provided subject to the disclaimer at the end of this document.

Environment

SUSE Linux Enterprise Server

Situation

How to create a .pem File for SSL Certificate Installations

Resolution

SSL .pem files are concatenated certificate container files and can be thought of as a container of layered certificates. They are frequently required for certificate installations when multiple certificates are being imported as one file.


The following details the structure of a .pem file:

-----BEGIN RSA PRIVATE KEY-----
(Your Private Key: your_domain_name.key)
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
(Your Primary SSL certificate: your_domain_name.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Intermediate certificate: certChainCA.crt)
-----END CERTIFICATE-----

.pem SSL Creation Instructions require the following files:

  • Private Key
  • Server Certificate (crt, puplic key)
  • (optional) Intermediate CA and/or bundles if signed by a 3rd party

  1. (manual) How to manually create a .pem file:
    • Remove the password from the Private Key by following the steps listed below:
      • Type openssl rsa -in server.key -out nopassword.key and press Enter.
      • Enter the pass phrase of the Private Key.
    • Combine the private key, public certificate and any 3rd party intermediate certificate files:
      • cat nopassword.key > server.pem
      • cat server.crt >> server.pem
      • Repeat this step as needed for third-party certificate chain files, bundles, etc:
        cat intermediate.crt >> server.pem


  2. (scripted) How to create a PEM file:
    • Download certs.tgz: wget ftp://ftp.novell.com/outgoing/certs.tgz
    • Unpackage the download: tar xzf certs.tgz
    • Run certs.sh: ./certs.sh
    • Select Create PEM
    • Provide the full path to the directory containing the certificate files.
    • Provide the filenames of the following:
      • private key
      • public key (server crt)
      • (conditional) password for private key
      • (conditional) any intermediate certificate chain file(s)

    Additional Information

    See TID 7015502 - Common Mistakes in SSL Certificate Management & Implementation

    Disclaimer

    This Support Knowledgebase provides a valuable tool for NetIQ/Novell/SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

    • Document ID:7013103
    • Creation Date:26-AUG-13
    • Modified Date:15-AUG-14
      • NovellData Synchronizer
        GroupWise
        Messenger
        Vibe

    Did this document solve your problem? Provide Feedback