Tech Tip: Converting certificate authority .pfx file to .pem
PRODUCT: 4D | VERSION: 19 | PLATFORM: Mac & Win
Published On: November 7, 2022
When deploying the 4D web server with a SSL certificate, the private key named "key.pem" and SSL certificate "cert.pem" need to be stored next to the structure file / built executable. However, certificate authorities may return a .pfx file which contains both the certificate and private key. In order to conver the .pfx to .pem, use the terminal command below:
openssl pkcs12 -in your_file.pfx -out cert.pem -nodes
Once it has been converted to cert.pem, edit the file and only keep the section:
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
From here, move the cert.pem next to the structure file / built executable and validate the SSL certificate is valid.
Commented by Brad Olson on May 8, 2023 at 9:56 AM
This will extract the private Key from the .pfx file in encrypted format, but 4D server did not recognize the encrypted format
openssl pkcs12 -in [myFile.pfx] -nocerts -out [myKeyFile.pem]
To decrypt the key.pem file, do this:
openssl rsa -in key2.pem -out key.key
To extract only the certificate from the .pfx file, run this:
openssl pkcs12 -in cmxSSL.pfx -clcerts -nokeys -out cert.pem