The PEM format is the most common format used by certificate authorities to issue certificates. PEM certificates have the following extensions :.pem,.crt,.cer, and.key. They are Base64-encoded ASCII files containing "——BEGIN CERTIFICATE——" and "——END CERTIFICATE——" statements.
The server certificate, intermediate certificate, and private key can be set in PEM format.
Apache and other similar servers use a certificate in PEM format. A PEM certificate can contain a private key, but on most platforms, the certificate and private key are stored in a separate file, such as Apache.
The DER format is just the binary format of the certificate, not the ASCII PEM format. The file extensions are.der and.cer.
The only way to tell der.cer from pem.cer is to open it in a text editor and look for the BEGIN/END statement.
All types of certificates and private keys can be encoded in DER format. DER is typically used on the Java platform.
PKCS#7 or P7B format is usually stored in Base64 ASCII format with file extensions.p7b and.p7c.
P7B certificate contains "-----BEGIN PKCS7-----" and "-----END PKCS7-----" statement.
The P7B file contains only the certificate and the chain certificate, not including the private key.
Several platforms support P7B files, including Microsoft Windows and Java Tomcat.
The PKCS#12 or PFX format is a binary format used to store certificates/keys in the encrypted file, such as server certificates, any intermediate certificates, and private keys. PFX files usually have extensions such as.pfx and.p12.
PPFX files are usually used for importing and exporting certificates and private key on Windows pc.
When converting PFX files to PEM format, OpenSSL will put all certificates and private keys into one file. You need to open the file in a text editor and copy each certificate and privateKey (including the BEGIN/END statement) into the new separated text files. and save them as certificate.cer, cacert.cer, and privatekey.key, respectively.
Convert from PEM to DER
Convert from PEM to P7B
Convert from PEM to PFX