= SSL Certificate File Types =

Certificates can be stored in a variety of file formats -- which can be a pain, since the format that your certificates come in may not be the format that is compatible with your end goal.

In general, there are three different kinds of file formats -- PEM, PKCS, and DER.   

== PEM Format ==
=== Properties ===
PEM files are generally associated with the UNIX world, and have the following properties:
 * usually stored with file extensions like .pem, .key, .crt
 * are ASCII files (not binary)
 * contain textual "BEGIN" and "END" Statements
 * Can describe private keys, single certificates, and/or certificate chains
 * Default format for OpenSSL
 
=== Compatibility ===
 * Apache consumes PEM files for SSL encryption

=== Translation ===
 * PEM to PFX:  [http://blog.crowe.co.nz/archive/2008/01/29/Taking-a-SSL-Certificate-a-KEY-file-and-a-CA.asp]
 * PEM to PFX using openssl:   openssl pkcs12 -export -in cert.pem -inkey key.pem -out cert.pfx -name "PFX Certificate"
 * PEM to DER: [http://support.citrix.com/article/CTX106631]

== PFX (PKCS !#12) Format ==
=== Properties ===
 * Most common on Microsoft filesystems
 * usually have file extensions like .pfx or .p12
 * binary format
 
=== Compatibility ===
 * One of the only ways to import a private key into a Microsoft Windows Certificate Store

=== Translation === 
 * PFX to PEM: [http://support.citrix.com/article/CTX106028]
 * PFX to DER:  -- dunno

== DER Format ==
=== Properties ===
 * Used commonly with Java Keystores
 * Default format for most browsers
 
=== Compatibility ===
 * Import into a Java Keystore for use with Tomcat

=== Translation ===
 * DER to PEM: openssl x509 -inform der -in MYCERT.cer -out MYCERT.pem  (Source:[http://shib.kuleuven.be/docs/ssl_commands.shtml])
 * DER to PFX: