5

I bought a certificate from a CA and I don't know much about certificates. I need a PEM format certificate to use in dovecot. It could be a fool question as I don't know much about certificates. I got three files from the CA : .ca-bundle .crt .p7b I need both public and private keys

Superjeng1
  • 53
  • 1
  • 1
  • 4
  • This is what you can do (crt to pem) -> http://stackoverflow.com/questions/991758/how-to-get-an-openssl-pem-file-from-key-and-crt-files – Mihriban Minaz Jan 25 '16 at 15:11

1 Answers1

1

You can use this tool or the OpenSSL commands available in the same page to convert the certificate into PEM.

I'm honestly quite surprised about the files you received. Generally, the CAs already sends you the PEM encoded certificates.

The .ca-bundle and .crt are likely to be the intermediate chain and the server certificate. The .p7b is in general a bundle of both intermediate and server into a single file, if that's the case you can ignore it and use the bundle and crt files.

As for the key, you should have it as the key is used to sign the CSR you provided the CA.

You may also want to check your CA documentation to better understand the content of each these files.

Simone Carletti
  • 173,507
  • 49
  • 363
  • 364
  • When you say `As for the key, you should have it as the key is used to sign the CSR you provided the CA.` Do you mean certificate request that begin like this `-----BEGIN CERTIFICATE REQUEST-----` and how to convert it to a pem file because I only copy and pastes the request in text. @Simone Carletti – Superjeng1 Jan 27 '16 at 11:30
  • That's the CSR, it's not the key. You generated the key before generating the CSR. – Simone Carletti Jan 27 '16 at 11:47
  • Ok, I think I need to reissue the certificate, because I use the Mac OS X server app to generate the CSR. Thanks so much for helping! I will accept your answer. – Superjeng1 Jan 28 '16 at 10:54