How to convert SSL certificate format using OpenSSL(For Omada SDN Controller)
OC200 , OC300 , Omada Software Controller
Recent updates may have expanded access to feature(s) discussed in this FAQ. Visit your product's support page, select the correct hardware version for your device and check either the Datasheet or the firmware section for the latest improvements added to your product.
The most common SSL certificates are defined by X.509. The digital certificates have different formats. Here’s a brief overview of several common formats of SSL certificates:
PEM: private key or certificate
CER: only certificate
DER: only certificate
CRT: only certificate
PFX: private key and certificate
P12: private key and certificate
JKS: private key and certificate
KEY: public key or private key
Omada Controller v5.0.30 or below supports SSL certificate in PFX and JKS format, which contains private key and certificate in one file. If the SSL certificate providers provides us with certificates in other formats, we can use OpenSSL(https://www.openssl.org/) to convert private key and certificate to PEM format at first, and then convert PEM certificate to PFX certificate.
Omada Controller v5.1 already supports PEM certificate, so we don’t need to convert PEM certificate to PFX/JKS certificate.
Following are the commands to convert certificate and private key to PFX format in OpenSSL.
1. Convert certificate and private key in PEM format to PFX format.
Openssl pkcs12 -export -out certificate.pfx -inkey privkey.pem -in cert.pem
Note: Export Password is the “Keystore Password” in Omada Controller.
privkey.pem is the private key in PEM format.
cert.pem is the certificate in PEM format.
certificate.pfx is the SSL certificate in PFX format.
2. Convert certificate in CRT, DER or CER format to PEM format.
openssl x509 -in cert.crt -out cert.pem -outform PEM
cert.crt is the certificate in CRT format. We also can replace it with certificate in DER or CER format.
cert.pem is the certificate in PEM format.
3. Convert private key in KEY format to PEM format.
openssl rsa -in private.key -out private.pem -outform PEM
Note: pass phrase is the password of private key.
private.key is the private key in KEY format.
Private.pem is the private key in PEM format.
Is this faq useful?
Your feedback helps improve this site.
What’s your concern with this article?
- Dissatisfied with product
- Too Complicated
- Confusing Title
- Does not apply to me
- Too Vague
- Other
Thank you
We appreciate your feedback.
Click here to contact TP-Link technical support.
TP-Link Community
Still need help? Search for answers, ask questions, and get help from TP-Link experts and other users around the world.
We have updated our Policies. Read Privacy Policy and Terms of Use here.
This website uses cookies to improve website navigation, analyze online activities and have the best possible user experience on our website. You can object to the use of cookies at any time. You can find more information in our privacy policy .
We have updated our Policies. Read Privacy Policy and Terms of Use here.
This website uses cookies to improve website navigation, analyze online activities and have the best possible user experience on our website. You can object to the use of cookies at any time. You can find more information in our privacy policy .
Basic Cookies
These cookies are necessary for the website to function and cannot be deactivated in your systems.
TP-Link
SESSION, JSESSIONID, accepted_local_switcher, tp_privacy_base, tp_privacy_marketing, tp_smb-select-product_scence, tp_smb-select-product_scenceSimple, tp_smb-select-product_userChoice, tp_smb-select-product_userChoiceSimple, tp_smb-select-product_userInfo, tp_smb-select-product_userInfoSimple, tp_top-banner, tp_popup-bottom, tp_popup-center, tp_popup-right-middle, tp_popup-right-bottom, tp_productCategoryType
Youtube
id, VISITOR_INFO1_LIVE, LOGIN_INFO, SIDCC, SAPISID, APISID, SSID, SID, YSC, __Secure-1PSID, __Secure-1PAPISID, __Secure-1PSIDCC, __Secure-3PSID, __Secure-3PAPISID, __Secure-3PSIDCC, 1P_JAR, AEC, NID, OTZ
Zendesk
OptanonConsent, __cf_bm, __cfruid, _cfuvid, _help_center_session, _pendo___sg__.<container-id>, _pendo_meta.<container-id>, _pendo_visitorId.<container-id>, _zendesk_authenticated, _zendesk_cookie, _zendesk_session, _zendesk_shared_session, ajs_anonymous_id, cf_clearance
Analysis and Marketing Cookies
Analysis cookies enable us to analyze your activities on our website in order to improve and adapt the functionality of our website.
The marketing cookies can be set through our website by our advertising partners in order to create a profile of your interests and to show you relevant advertisements on other websites.
Google Analytics & Google Tag Manager
_gid, _ga_<container-id>, _ga, _gat_gtag_<container-id>
Google Ads & DoubleClick
test_cookie, _gcl_au