It may happen that you obtain a CA certificate in a different format. If it appears to be a binary file (often with the filename extension .der or .crt), it is probably the raw DER-encoded form; test this with:
$ openssl x509 -inform der -text -in filenameDER stands for Distinguished Encoding Rules, an encoding for ASN.1 data structures; X.509 certificates are represented using the ASN.1 standard. The openssl command uses PEM encoding by default. You can convert a DER-encoded certificate to PEM format thus:
$ openssl x509 -inform der -infilename-outfilename.pem
Get Linux Security Cookbook now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
