Overview

Certificate Converter is a command-line utility included in the software platform installation package. It converts client certificates in PEM format into a password-protected PFX file. The tool is located in the product’s installation directory, typically under ...\<product_name>\<product_version>\Utilities\CertificateConverter.exe.

The utility supports .pem certificate and key files, along with an optional root certificate authority (CA) file. It requires .NET Core 5.0 and a Windows x64 environment.

Purpose and Key Concepts

The CertificateConverter.exe utility is used to generate a .pfx certificate file by combining a client certificate, its private key, and a optional root CA file. The output is a single, encrypted certificate file suitable for secure import into various systems.

Key concepts

  • PEM certificate file: A Base64-encoded certificate file, typically named with .pem.crt or .pem extension.

  • PEM key file: A Base64-encoded private key file, usually with a .pem.key extension.

  • Root CA file: A trusted certificate authority file, often required by some systems. Usually with a .pem extension.

  • PFX file: A binary format (PKCS #12) that combines a certificate, private key, and optionally a root CA into a single encrypted file.

Command-line arguments

  • /certificate: Path to the PEM certificate file.

  • /key: Path to the PEM private key file.

  • /rootca: Path to the PEM root CA file (optional). 

  • /password: Password to secure the output PFX file.

Example usage

To use it, run the executable from the Command Line with the input arguments. The syntax would be as detailed below:

CertificateConverter.exe /certificate:"<PathToCertificateFile.pem.crt>" /key:"<PathToKeyFile.pem.key>" /rootca:"<PathToRootCA.pem>" /password:<PasswordForExportedCertificate>

After that, the PFX file is created in the same folder as the certificate in PEM format input file.

In this section: