Self-signed certificate in something other than DER or JKS

I already have a self-signed certificate encoded in something other than DER or JKS that I would like to use.

The following section will describe how to convert your existing non-.jks or .der certificate into the .der format so that the Federated Sign-In module can be used.

For this we will download and use an external application called OpenSSL (external link) and provide a few common conversion examples.

Please review OpenSSL documentation for additional guidance.

 

There are several utilities available for certificate conversion, so if you would like to use something else ensure it can convert your current certificate format into .der format.

  1. Download and install OpenSSL.
  2. Open a command line, navigate to OpenSSL and issue the command specific to your conversion needs.
    1. For example, to convert .pem format to .der:

      2. Copy 
      openssl x509 -in CERT.pem -out CERT.der -outform DER

    2. For example, to convert .pfx format to .pem:

      3. Copy 
      openssl pkcs12 -in certificatename.pfx -out certificatename.pem

       

When the conversion is complete (which may require more than one operation), your certificate is now in the required .der format.

You can continue to the next section to configure the Federated Sign-In module with this certificate.