Monthly Archives: August 2012

SSL Converter site

Use this SSL Converter to convert SSL certificates to and from different formats such as pem, der, p7b, and pfx. Different platforms and devices require SSL certificates to be converted to different formats.

PEM Format

The PEM format is the most common format that Certificate Authorities issue certificates in. PEM certificates usually have extentions such as .pem, .crt, .cer, and .key. They are Base64 encoded ASCII files and contain “—–BEGIN CERTIFICATE—–” and “—–END CERTIFICATE—–” statements. Server certificates, intermediate certificates, and private keys can all be put into the PEM format.

Apache and other similar servers use PEM format certificates. Several PEM certificates, and even the private key, can be included in one file, one below the other, but most platforms, such as Apache, expect the certificates and private key to be in separate files.

DER Format

The DER format is simply a binary form of a certificate instead of the ASCII PEM format. It sometimes has a file extension of .der but it often has a file extension of .cer so the only way to tell the difference between a DER .cer file and a PEM .cer file is to open it in a text editor and look for the BEGIN/END statements. All types of certificates and private keys can be encoded in DER format. DER is typically used with Java platforms. The SSL Converter can only convert certificates to DER format. If you need to convert a private key to DER, please use the OpenSSL commands on this page.

PKCS#7/P7B Format

The PKCS#7 or P7B format is usually stored in Base64 ASCII format and has a file extention of .p7b or .p7c. P7B certificates contain “—–BEGIN PKCS7—–” and “—–END PKCS7—–” statements. A P7B file only contains certificates and chain certificates, not the private key. Several platforms support P7B files including Microsoft Windows and Java Tomcat.

PKCS#12/PFX Format

The PKCS#12 or PFX format is a binary format for storing the server certificate, any intermediate certificates, and the private key in one encryptable file. PFX files usually have extensions such as .pfx and .p12. PFX files are typically used on Windows machines to import and export certificates and private keys.

DNS seerver service not able to install on win2k8 EE

When you try to install DNS via the server manager getting  “fatal error code 0x80070643″.But through command line”servermanagercmd -install dns” after some times  it gives another message “servermanagercmd.exe has stopped working”.

This is because default dynamic port range for TCP/IP has changed in Windows Vista and in Windows Server 2008
So resolve the issue increase the port using below commands

netsh int <ipv4|ipv6> set dynamic <tcp|udp> start=number num=range

•netsh int ipv4 set dynamicport tcp start=10000 num=1000
•netsh int ipv4 set dynamicport udp start=10000 num=1000
•netsh int ipv6 set dynamicport tcp start=10000 num=1000
•netsh int ipv6 set dynamicport udp start=10000 num=1000

These sample commands set the dynamic port range to start at port 10000 and to end at port 11000 (1000 ports). The minimum range of ports that can be set is 255. The minimum starting port that can be set is 1025. The maximum end port (based on the range being configured) cannot exceed 65535. To duplicate the default behavior of Windows Server 2003, use 1025 as the start port, and then use 3975 as the range for both TCP and UDP. This results in a start port of 1025 and an end port of 5000.


%d bloggers like this: