Monday, January 24, 2011

Converting PKI Certificates

When working with public key infrastructure security environments, you sometimes need to convert PKI certificates into other formats.  For example, if you are working in a PKI environment that provides user certificates in DER encoded binary X.509, you may need to convert these into Base-64 encoded X.509.  This is the case when working with IIS for various mapping scenarios (one-to-one, one-to-many).  Converting certificates is easy.The following procedure shows you how. This procedure is performed on a Windows 7 x64 machine.
  1. Navigate to the folder containing the certificate.  It should end in CER, CRT, or DER.
  2. Double-click the certificate.  The Certificate dialog appears.
  3. Click the Details tab.
  4. On the Details tab, click Copy to File...  The Certificate Export Wizard dialog appears.
  5. Click Next.  The Export File Format page appears.
  6. On the page, select the desired format, and then click Next.  The File to Export appears.
  7. On the page, enter a filename, and then click Next.  The final page of the Certificate Export Wizard appears.
  8. On this final page, review the options, and then click Finish.  A prompt will appear.
  9. Click OK.  The prompt closes.
  10. Navigate to the folder containing your original certificate.  The converted certificate file will be listed.
  11. Repeat this process for converting to another format.
For further information: