[stunnel-users] EXTERNAL: Which X.509 certificate types (.crt, .pem, .der .p7c) possible for stunnel and how to import them?
Bucci, David G
david.g.bucci at lmco.com
Fri Oct 18 17:22:03 CEST 2013
PEM - http://www.stunnel.org/static/stunnel.html, search for "cert =", documented in the service options section.
You need OpenSSL on the box to use Stunnel - and OpenSSL has everything you need to convert certificates between formats/containerization as needed to get your cert into PEM format. E.g., if they give you a DER-formatted certificate named "file.cer", run:
openssl x509 -in file.cer -inform der -outform pem -out file.pem
This link has more info on telling if your provider gave you a DER or PEM formatted cert: https://support.ssl.com/Knowledgebase/Article/View/19/0/der-vs-crt-vs-cer-vs-pem-certificates-and-how-to-convert-them
It also has conversion commands to use.
If your provider gave you a .pfx file, then it's a pkcs#12 container, having a cert, key, and possibly CA chain in it. This link has info on exporting your certificate from such a file: http://www.sslshopper.com/article-most-common-openssl-commands.html
P7c (pkcs#7) you're unlikely to see. Used for CA chains. Actually, maybe you will - yell if so, or research.
From: stunnel-users [mailto:stunnel-users-bounces at stunnel.org] On Behalf Of Ben Stover
Sent: Friday, October 18, 2013 3:21 AM
To: Stunnel Users
Subject: EXTERNAL: [stunnel-users] Which X.509 certificate types (.crt, .pem, .der .p7c) possible for stunnel and how to import them?
Which X.509 certificate types (e.g. .crt, .pem, .der .p7c) are possible for stunnel?
Assume I have got such a certificate as separate file (and not retrieved by OpenSSL).
How do I import it into stunnel?
Do I have to just copy it into (which ?) directory?
Does the certifcate file name have to have a certain pattern?
Or is stunnel smart enough to read and analyze the content independently from filename?
stunnel-users mailing list
stunnel-users at stunnel.org
More information about the stunnel-users