How to convert X.509 certificate from a hex-dump form to .CER format? Additionally, should be blank space separators removed from hex dump first? Thanks.
Asked
Active
Viewed 8,593 times
2 Answers
6
You could use ASN.1 editor. It has a data converter that will convert HEX to PEM format of data. the source is also available so if you need to use it in code you can look how it is done.
Or you could use certutil.exe using command
certutil -decodehex c:\cert.hex c:\cert.cer
pepo
- 8,644
- 2
- 27
- 42
-
1Is it possible to convert with microsoft's CertUtil.exe? – Mar 23 '14 at 00:48
-
1I have updated my answer. @triwo thanks for mentioning certutil. I didn't know if was possible. I learned something new. – pepo Mar 23 '14 at 05:54
2
Normally .cer can either be binary encoded - DER - or it can be DER that has an "ASCII armor", called PEM.
If you want to create DER you probably only have to decode the hexadecimals. In that case you obviously need to disregard any whitespace within the hexadecimals (as well as any other spurious data that may be present).
If you want to have PEM it is required in addition to base 64 encode the result and add a header and footer text. Or you can use an existing library that does this of course.
Maarten Bodewes
- 90,524
- 13
- 150
- 263
-
The goal is to convert hex to `.cer`, not `.der`. I find also that its not required to remove white space separator between hex bytes - any idea why this works? – Mar 23 '14 at 14:17
-
Your tool may remove the whitespace for you. `.cer` and `.der` are just extensions. DER is what `.cer` is normally encoded in, although Microsoft *usually* also allows the `.cer` to be in PEM encoding as a convenience. To say that you don't want to convert to `.cer` instead of `.der` is moot - the files would be the same except for the extension (it is like saying you want to have a README instead of a `.txt` file). – Maarten Bodewes Mar 24 '14 at 08:25