Get your FREE copy of "The Ultimate Guide of SSL"

Download Ebook

What Is PEM Certificate File & How to Create It?

what is pem certificate file

.PEM Certificate File Is a Container Format That Includes the Public Certificate

A few years earlier, popular browsers like Google Chrome and security communities have pushed the compulsion of having an SSL/TLS certificate installed. Even small website owners now know how important it’s to have a secure HTTPS connection.

However, all are not tech-savvy, nor everyone knows the ins and outs of the SSL/the TLS certificate. And, if you’re one of those and found yourself stuck in between the complexities of the PEM certificate file, then you’re reading the right article. This post will discuss the PEM certificate and how you can create one for your website server.

What’s the .PEM Certificate File?

Defined according to RFCs 14211424, it’s a container format that includes the public certificate and other CA certificate files /etc/ssl/certs or can consist of a whole certificate chain that includes the public key private key, and root certificates. Likewise, it can be sent through email, and PEM certificate files are also commonly used format for X.509 certificate, CSRs, and cryptographic keys. It’s a text file that contains one or more than one item in Base64 ASCII encoding.

In other words, PEM (Privacy Enhanced Mail) is a container format for keys and digital certificates, usually used by Apache and other web server platforms. It’s a file extension that contains other certificate files. Often used for X.509 certificates, PEM is a text file that contains Base64 encoding of the certificate text, a plain-text header & a footer that marks the beginning and end of the certificate.

Below is the CSR (Certificate Signing Request) in PEM format:

—–BEGIN CERTIFICATE REQUEST—–
MIIB9TCCAWACAQAwgbgxGTAXBgNVBAoMEFF1b1ZhZGlzIExpbWl0ZWQxHDAaBgNV
BAsME0RvY3VtZW50IERlcGFydG1lbnQxOTA3BgNVBAMMMFdoeSBhcmUgeW91IGRl
Y29kaW5nIG1lPyAgVGhpcyBpcyBvbmx5IGEgdGVzdCEhITERMA8GA1UEBwwISGFt
aWx0b24xETAPBgNVBAgMCFBlbWJyb2tlMQswCQYDVQQGEwJCTTEPMA0GCSqGSIb3
DQEJARYAMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCJ9WRanG/fUvcfKiGl
EL4aRLjGt537mZ28UU9/3eiJeJznNSOuNLnF+hmabAu7H0LT4K7EdqfF+XUZW/2j
RKRYcvOUDGF9A7OjW7UfKk1In3+6QDCi7X34RE161jqoaJjrm/T18TOKcgkkhRzE
apQnIDm0Ea/HVzX/PiSOGuertwIDAQABMAsGCSqGSIb3DQEBBQOBgQBzMJdAV4QP
Awel8LzGx5uMOshezF/KfP67wJ93UW+N7zXY6AwPgoLj4Kjw+WtU684JL8Dtr9FX
ozakE+8p06BpxegR4BR3FMHf6p+0jQxUEAkAyb/mVgm66TyghDGC6/YkiKoZptXQ
98TwDIK/39WEB/V607As+KoYazQG8drorw==
—–END CERTIFICATE REQUEST—–

Here’s How to Create .PEM Certificate File

Not always the case, but sometimes your server may ask to create .PEM certificate file. If that’s the case, then there’s no other option, but you’ll require to create it. And, if you aren’t aware of how to create, then don’t worry. Simply go through the below steps to create a PEM certificate file.
  • Download intermediate certificate, root certificate, primary certificate, and private key file sent by the CA (Certificate Authority) like Sectigo.
  • Open a text editor like Notepad and paste the whole body of the certificates and private key in the below-mentioned order:
  • Private Key
  • Primary Certificate
  • Intermediate Certificate
  • Root Certificate
  • Now, add the starting and ending tags as mentioned below:
—–BEGIN RSA PRIVATE KEY—–
(Your Private Key)
—–END RSA PRIVATE KEY—–
—–BEGIN CERTIFICATE—–
(Your Primary SSL certificate)
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
(Your Intermediate certificate)
—–END CERTIFICATE—–
—–BEGIN CERTIFICATE—–
(Your Root certificate)
—–END CERTIFICATE—–
Lastly, save the file as domain_name.pem

Extensions of PEM Filename

PEM files are often saved with different extensions apart from .pem, and they are .crt, .cert, .key, and sometimes others also.

Wrapping Up

Governed by RFCs, PEM file certificates are usually used by open-source software. Lastly, PEM isn’t a certificate on its own but a way of encoding data. And X.509 certificates are one type of data that are commonly encoded with the help of PEM files.
Disclosure: AboutSSL appreciates your continuous support. It helps us tremendously to keep moving in the competitive SSL industry. Here most of the links which direct you to buy any SSL/TLS related service or products earns us a certain percentage of referral commission. Learn More
Download Site Seal