DER

May 3, 2024 | seedling, permanent

tags :

Summary #

DER (Distinguished Encoding Rules) is a binary encoding for certificates and private keys. Unlike , DER-encoded files do not contain plain text statements such as —–BEGIN CERTIFICATE—–. DER files are most commonly seen in contexts.

DER Filename Extensions #

DER-encoded files are usually found with the extensions .der and .cer.

What does a DER-encoded certificate look like? The DER-encoded SSL/TLS certificate for www.ssl.com is shown below (click to view):

Click to View DER certificate Common DER Conversions In the OpenSSL commands below, replace the filenames in ALL CAPS with the actual paths and filenames you are working with.

View contents of DER-encoded certificate file

openssl x509 -inform der -in CERTIFICATE.der -text -noout
# Convert DER-encoded certificate to PEM
openssl x509 -inform der -in CERTIFICATE.der -out CERTIFICATE.pem

Convert DER-encoded certificate with chain of trust and private key to PKCS#12 To convert a DER certificate to PKCS#12 it should first be converted to PEM, then combined with any additional certificates and/or private key as shown above. For a more detailed description of converting DER to PKCS#12, please see this how-to.

DER

Summary #

DER Filename Extensions #

Links to this note