Convert openssl .key file to .pem

Convert openssl .key file to .pem

For converting .key file to .pem file,

Your keys may already be in PEM format, but just named with .crt or .key.

If they begin with -----BEGIN and you can read them in a text editor (they use base64, which is readable in ASCII, not binary format), they are in PEM format.

If the file is in binary, for the server.crt, you would use 
	openssl x509 -inform DER -outform PEM -in server.crt -out server.crt.pem

	For server.key, use openssl rsa in place of openssl x509.

The server.key is likely your private key, and the .crt file is the returned, signed, x509 certificate.

If this is for a Web server, and you cannot specify loading a separate private and public key, you may need to concatenate the two files. For this use: cat server.crt server.key > server.includesprivatekey.pem. I would recommend naming files with "includesprivatekey" to help you manage the permissions you keep with this file.

This is maybe true
If the file begins with -----BEGIN RSA PRIVATE KEY----- then you are good
But if your file starts with -----BEGIN PRIVATE KEY-----

True PEM Format
Then you need to run the following openssl command
openssl rsa -in C:\Certificates\localPrivateKeyfile.key -text > privateKeyFileInPemFormat.pem

Eğer ÖZEL SSL KULLANIYORSA .PEM ÇEVİRMEK İÇİN İZLENEKCEK YOLLAR;

openssl x509 -in certificate.crt -out certificate.pem -outform PEM
openssl rsa -in private.key -text > privatekey.pem

Ran into the same problem myself in following the instructions here: https://openxpki.readthedocs.io/en/latest/quickstart.html

They tell you generate vault.key and vault.crt, but it appears you also need to copy /etc/openxpki/local/keys/vault.key to vault-1.pem in order for openxpkicli get_token_info --arg alias=vault-1 --realm=democa to work.