Cisco Cisco Web Security Appliance S670 Guida Utente
A-9
Cisco IronPort AsyncOS 7.7 for Web User Guide
Appendix A HTTPS Reference
Decrypting HTTPS Traffic
Converting Certificate and Key Formats
The root certificate and private key files you upload to the appliance must be in PEM format. DER format
is not supported. However, you can convert certificates and keys in DER format into the PEM format
before uploading them. For example, you can use OpenSSL to convert the format.
is not supported. However, you can convert certificates and keys in DER format into the PEM format
before uploading them. For example, you can use OpenSSL to convert the format.
Use the following OpenSSL command to convert a DER formatted certificate file to a PEM formatted
certificate file:
certificate file:
openssl x509 -inform DER -in
cert_in_DER
-outform PEM -out
out_file_name
You can also convert key files in DER format into the PEM format by running a similar OpenSSL
command.
command.
For RSA keys, use the following command:
openssl rsa -inform DER -in
key_in_DER
-outform PEM -out
out_file_name
For DSA keys, use the following command:
openssl dsa -inform DER -in
key_in_DER
-outform PEM -out
out_file_name
For more information about using OpenSSL, see the OpenSSL documentation, or visit
http://openssl.org.
http://openssl.org.