XCOM Data TransportXCOM Data Transport - WindowsXCOM Data Transport - Linux PCXCOM Data Transport - z/OS
Issue/Introduction
The underlying OpenSSL routines will process certificates encoded with DER and also DER wrapped into PEM. The OpenSSL docs state that DER encoding is also accepted. The OpenSSl support utility can extract DER/PEM certificates from PKCS#12 files.
Environment
Release: Component: XCMVS
Resolution
View PEM encoded certificate Use the command that has the extension of your certificate replacing cert.xxx with the name of your certificate openssl x509 -in cert.cer -text -noout If you get the folowing error it means that you are trying to view a DER encoded certifciate and need to use the commands in the “View DER encoded certificate below” unable to load certificate 12626:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:647:Expecting: TRUSTED CERTIFICATE View DER encoded Certificate openssl x509 -in certificate.der -inform der -text -noout If you get the following error it means that you are trying to view a PEM encoded certificate with a command meant for DER encoded certs. Use a command in the “View PEM encoded certificate above unable to load certificate 13978:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1306: 13978:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:380:Type=X509 Transform Transforms can take one type of encoded certificate to another. (ie. PEM To DER conversion) PEM to DER openssl x509 -in cert.cer -outform der -out cert.der DER to PEM openssl x509 -in cert.cer -inform der -outform pem -out cert.pem