I'm using openSSL
to create RSA
public and private key
. I create success, and output is 2 keys with format private_key.pem
and public_key.pem
.
So, the requirement is public key need to be in .cer
extension
, Base 64 format
and start with header: -----BEGIN
I do some researches but can't find to to convert pem
to cer
Any ideas? Thanks.
P/S: Here is script that I used to generate key:
openssl genrsa -out private_key.pem 2048
openssl rsa -in private_key.pem -outform PEM -pubout -out public_key.pem
Update
Finally, I found solution for this, just for those who need it.
set OPENSSL_CONF=C:\Program Files (x86)\GnuWin32\share\openssl.cnf
openssl genrsa -out private_key.pem 2048 -sha256 -passout pass:abc123
openssl req -new -x509 -sha256 -key private_key.pem -out public_key.cer -days 3650
PEM is a normative encoding format (see RFC-7468), specifically designed to be included in mails, so it is only using a basic character set. DER is another normative encoding format, using a binary encoding scheme.
CER is not normative, it is a file extension often used to convey certificates (or, less often, keys).
Since CER is sometimes used as an extension for files containing DER encoded cryptographic material, people misuse the CER acronym and talk about CER encoding. But this has no sense. Finally, some other people talk about CER files for PEM encoded material.
You will not, this has no sense: the way you have created your keys made them already PEM encoded.
So, the only thing you may need to do is converting your key files encoded in PEM to DER format, whatever the filename extension is.
To do that, use openssl: