Private key and certificate format
Ensure that the private key and the certificate files have the following format and structure.
- Private key format
- PEM-encoded and without a password protection. The pvk format is not supported. Ensure that the
private key (private.key) is enclosed between the
following statements:
-----BEGIN PRIVATE KEY----- <<base64 string from private.key>> -----END PRIVATE KEY-----
- X509 certificate format
- PEM-encoded. If you have also received the intermediate and root certificates as separate files,
you should combine all of them into a single one. For
example, if you have the primary certificate file
(certificate.crt) and the intermediate
certificate file (ca_intermediate.crt), ensure that
you combine them in the following order, primary certificate
first followed by the intermediate certificate:
If you received the root certificate (ca_root.crt) in addition to the intermediate certificate, combine them as follows:-----BEGIN CERTIFICATE----- <<primary certificate: base64 string from certificate.crt>> -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- <<intermediate certificate: base64 string from ca_intermediate.crt>> -----END CERTIFICATE-----
-----BEGIN CERTIFICATE----- <<primary certificate: base64 string from certificate.crt>> -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- <<intermediate certificate: base64 string from ca_intermediate.crt>> -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- <<root certificate: base64 string from ca_root.crt>> -----END CERTIFICATE-----
- Single file (private key with certificates) format
- PEM-encoded. This file can contain both the private key and the primary certificate, or the
private key and the chain of certificates, combined in the
following order, and with the beginning and end tags on each
certificate:
- Private key and primary
certificate:
-----BEGIN CERTIFICATE----- <<primary certificate: certificate.crt>> -----END CERTIFICATE----- -----BEGIN PRIVATE KEY----- <<private key: base64 string from private.key>> -----END PRIVATE KEY-----
- Private key, primary certificate and
intermediate
certificate:
-----BEGIN CERTIFICATE----- <<primary certificate: base64 string from certificate.crt>> -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- <<intermediate certificate: base64 string from ca_intermediate.crt>> -----END CERTIFICATE----- -----BEGIN PRIVATE KEY----- <<private key: base64 string from private.key>> -----END PRIVATE KEY-----
- Private key, primary certificate, intermediate
certificate and root
certificate:
-----BEGIN CERTIFICATE----- <<primary certificate: base64 string from certificate.crt>> -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- <<intermediate certificate: base64 string from ca_intermediate.crt>> -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- <<root certificate: base64 string from ca_root.crt>> -----END CERTIFICATE----- -----BEGIN PRIVATE KEY----- <<private key: base64 string from private.key>> -----END PRIVATE KEY-----
- Private key and primary
certificate: