Skip to Content
Certificate Format

Certificate Formats

Format Requirements

Currently, there are two ways to upload certificates: the first is directly uploading the certificate file, and the second is manually entering the certificate text information.

Directly Uploading a File

If you choose to directly upload the certificate file, you need to prepare the following files:

  • Required: The website’s certificate file (cer/crt/pem format). The text format of the file is as follows:
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
  • Required: The private key file (key file). The text format of the file is as follows:
-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----
  • Optional: Intermediate certificate, root certificate (certificate chain, cer/crt/pem format). The text format of the file is as follows:
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----

Ensure the certificate you provided is not password protected. When uploading a certificate or manually entering certificate details, please make sure the certificate format is correct. If there is a format validation error, the certificate addition will be unsuccessful.

Manually Entering the Certificate

If you choose to manually enter the certificate, the text needs to sequentially include the following fields: private key, website certificate, intermediate certificate, root certificate, etc. Refer to the following format (please ensure the integrity of the certificate while copying):

-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----

If your certificate is in another format, it is recommended to use the OpenSSL tool for format conversion.

DER to PEM:

Certificate conversion: openssl x509 -inform der -in certificate.cer -out certificate.pem

Private key conversion: openssl rsa -inform DER -outform PEM -in privatekey.der -out privatekey.pem

Private Key PKCS#8 Format to PKCS#1:

If your private key begins with: -----BEGIN PRIVATE KEY-----

Execute private key conversion: openssl rsa -inform PEM -in yours_pkcs8.pem -out yours_pkcs1.pem

Enable accelerated access for overseas users to domestic websites through global dynamic accelerationFAQ