Skip to main content

Custom SSL Certificate

You can continue using your custom certificate by going to the Arvancloud HTTPS Settings.

Activate the HTTPS for your account, then click on the Custom Certificate. Upload the Certificate and Private Key files, and, if necessary, the Bundle of your certificate.

For this, you need your .crt file and private key. In the following document, you can learn how to prepare SSL/TLS Certificates in the PEM format and how to create a Certificate Trust Chain.

Preparing SSL/TLS Certificate in PEM Format​

The PEM (Privacy-enhanced Electronic Mail) format is used for storing keys and encrypted certificates. It is the most popular format for open-source systems.

Unlike most binary storing formats, the PEM format uses base64 for encoding. This makes reading the file much more accessible.

Although the extensions in the open-source system are not of high importance, PEM files that include private keys use extensions of .key, and the certificate files use the certificate of .cer, .crt, or .pem.

You can view PEM files using text editors such as notepad or vim.

The content of the Private Key will be like this:

-----BEGIN PRIVATE KEY-----
MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCuaGs3MHEOUMvOv7QLx1cAgx7BDMHE0e
q70/A+JZlYjDL7IAcoubgibfRWyEPombDF/TtnOzuYXuNTtkGVK+iOI3HbTgVANOrhIhTO91Vh3MDBftlN
dzsYg4Ct/dZfvwGixgVfOza5nYcPSFJ5r89fre1EV/3QA3m+oPYimejcTCwEcByxxP7unmoxR9wJMYCmF3
IOtRKGMhCnIbmIRwvaQ0yeCk9vh4WoZBbqJx4pVXmqz5D4IfDt2E41NiecWVoNHMTEF9xE2Few3tPyfMMt
qQH713DiVNmLBjHkJLK8a/ev2NjFMg8KTZ0hlVyaeBZDPz0iNk3iaeXfpspZ42kPAgMBAAECggEANcqEzu
fE5spqoaCkskFQBxtpv9bkaITp5fZvEWvdSN8s1iFBtADb1tqc0qs/rpzAVcBNswAk2FDjwizjO1PojPZH
poEAw5XOn5M4YcEM93rzhHpQIUFV27CrXn58wNkTcxWqEH4d2c/JGSCQN3HO/s6Q8FRHNwHraa0RXQilNl
RROKSyDZTMyTOB0zBxXR5eJ1izXISgJVhL+UTb1VUj+XdhmSVqP45p2dhJWTyGHy6OtaQDo7mUB+gTJzmL
bFJxX2Hl50mh9R/Y3fLwGyg3uLBiibMq8ajFSPGgRTkdx+EYPjRuDHLZ2qSCwqrUUuI2X1qAaOyLI+hdjl
Mlz048QQKBgQDk6kC33UmLGQSO+kqz+j8Zh9lnEMU49Gfq0x4VZjnp9qzj9/8Cl+cOoAxcb1ZzQITvGf0w
w85dhSPKh68xQSfefJRm1z6JVyjCVOUYWCN3XTxp7tZMXvSe0ED+HWwC5QoDl43mceQ5xjXnsEChX534u7
96EA8P83QqsMLlH6YkZLqas6K4R9iAtO14tIVoPeVAfZLYQKBgQDDCypU6A08aWyt9Bncfb6mUhheL7LFM
RK9fFxvWuSGLSeZ0hFjGGNJjIOcUUZvnXYTYmuYRrNnNtqY/UvB4ubWncbnU6HY/eZSejWp2GDiU9yGfvG
ObwoRv7X5341LKR4KJcdsC5QoDl43mceQ5xjXnsECh/Lssm5EGLsWJ/z6bwKBgELtfliDeVIS0XNgGGFAh
BxZzKVGkPMS+iL88Km/BqWx+mB4jHVcpjBveM25u6PctEEX7x/Hz9kl6Q34167l5ts0v0rGGcGb2w3eNlE
Ey/HFL7mlG8CebpTUPHxPa+s5sTYsTWd51abYFp9SyIqDCbovEbbdLrraAyRRuLE3LqRhAoGAQ7V5kZYpG
iLDDrRh0fB5IcX4HaJTXi9GAS/N6v5TvNyqFbUeQhdySFMWUUrJt++i0OHm1isdFqStSFUOWpWJa1HEfgP
DeM/TiChSvs6V+5v/P1WMR9T2WukBpGfd5gy1F/K7gx+V5D3wqT6iUARZ1GiROm61f0QGEW/AatWg9dMCg
YAAnR/QIVTUV+LuINT9lBUsv7lqQzo8wUC2Itn6nD3zmKiJb/lvA/jSZAXMGc3oqBS+ocznKrABp39MONj
6Bp7lzvrNHuO8L5v7kK24snyyBfyizu03IbkHUOiIs5rXuD1N6fVG2XKQv9QsUm6NZp0o1uGia9hksHK00
QOXRhsGdA==
-----END PRIVATE KEY-----

A sample PEM file containing Certificate content will have a structure similar to this:

-----BEGIN CERTIFICATE-----
MIICLDCCAdKgAwIBAgIBADAKBggqhkjOPQQDAjB9MQswCQYDVQQGEwJCRTEPMA0GA1UEChMGR251VExTMSU
wIwYDVQQLExxHbnVUTFMgY2VydGlmaWNhdGUgYXV0aG9yaXR5MQ8wDQYDVQQIEwZMZXV2ZW4xJTAjBgNVBA
MTHEdudVRMUyBjZXJ0aWZpY2F0ZSBhdXRob3JpdHkwHhcNMTEwNTIzMjAzODIxWhcNMTIxMjIyMDc0MTUxW
jB9MQswCQYDVQQGEwJCRTEPMA0GA1UEChMGR251VExTMSUwIwYDVQQLExxHbnVUTFMgY2VydGlmaWNhdGUg
YXV0aG9yaXR5MQ8wDQYDVQQIEwZMZXV2ZW4xJTAjBgNVBAMTHEdudVRMUyBjZXJ0aWZpY2F0ZSBhdXRob3J
pdHkwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAARS2I0jiuNn14Y2sSALCX3IybqiIJUvxUpj+oNfzngvj/
Niyv2394BWnW4XuQ4RTEiywK87WRcWMGgJB5kX/t2no0MwQTAPBgNVHRMBAf8EBTADAQH/MA8GA1UdDwEB/
wQFAwMHBgAwHQYDVR0OBBYEFPC0gf6YEr+1KLlkQAPLzB9mTigDMAoGCCqGM49BAMCA0gAMEUCIDGuwD1KP
yG+hRf88MeyMQcqOFZD0TbVleF+UsAGQ4enAiEAl4wOuDwKQa+upc8GftXE2C//4mKANBC6It01gUaTIpo=
-----END CERTIFICATE-----

Converting Other Formats to PEM​

The certificate formats can differ based on where you have acquired it from. You can easily change the PFX-PKCS#12 or P7B-PKCS#7 formats to PEM. For this purpose, you can use online tools or follow OpenSSL instructions.

Please note that PFX files include the private key and the certificate; therefore, you can extract them from the file.

Convert DER to PEM

openssl x509 -inform der -in certificate.cer -out certificate.pem

Convert P7B to PEM

openssl pkcs7 -print_certs -in certificate.p7b -out certificate.pem

Convert PFX to PEM

openssl pkcs12 -in certname.pfx -nokeys -out certificate.pem openssl
pkcs12 -in certname.pfx -nocerts -out private.key -nodes

Creating Certificate Trust Chain​

Suppose you want your SSL/TSL Certificate to work correctly and display your website’s content through the HTTPS protocol for operating systems, devices, and browsers. In that case, you need to create an SSL Certificate Trust Chain instead of uploading your certificate.

If you have not converted your certificate to PEM format, you can learn how by reading the guide on Creating a .PEM File for SSL/TLS Certification Installation.

Required Files​

When you purchase an SSL/TSL Certificate, you will have access to the Private Key, Certificate, and other files, one of which is the Root Certificate, or 1 or 3 files titled Intermediate Certificate.

If you cannot access the Root and Intermediate files, you can download them from the company's website that has provided your certificate.

Creating an SSL Certificate Trust Chain​

To create the Trust Chain file, you can easily use a text editor like vim or notepad. Then we create the website Certificate, Root Certificate and Intermediate Certificate files in one file in the following order:

β€”---BEGIN CERTIFICATE---β€”
(Your Primary SSL certificate: yourwebsite.crt)
β€”---END CERTIFICATE---β€”
β€”---BEGIN CERTIFICATE---β€”
(Your Intermediate certificate: INTERMEDIATE.crt)
β€”---END CERTIFICATE---β€”
β€”---BEGIN CERTIFICATE---β€”
(Your Root certificate: Root.crt)
β€”---END CERTIFICATE-----

You can consult the guide below to receive your Chain Certificate using your browser.