DX Application Performance Management

Expand all | Collapse all

How to convert .p12 to .pem for CEM

  • 1.  How to convert .p12 to .pem for CEM

    Posted Nov 14, 2018 04:06 PM

    Trying to convert .p12 to .pem in order to import the cert key into CEM.

     

    Thanks in advance for any/all help.

     

    Manish



  • 2.  Re: How to convert .p12 to .pem for CEM



  • 3.  Re: How to convert .p12 to .pem for CEM

    Posted Nov 15, 2018 10:41 AM

    the doc is no helpful since it's very generic. I am working with WebLogic and not seeing where the .key file would be. It's a Windows 10 Server w/ WebLogic



  • 4.  Re: How to convert .p12 to .pem for CEM

    Broadcom Employee
    Posted Nov 16, 2018 12:47 PM

    You can use Open SSL 

    OpenSSL Convert PFX

    Convert PFX to PEM

    openssl pkcs12 -in certificate.pfx -out certificate.cer -nodes

    I see a Weblogic KB on this . 

    E-WL: How to Extract the Private Key from a WebLogic Keystore into other Formats such as PKCS#12 or PEM? (Doc ID 638668.1)

     

    Thanks

    Hal German



  • 5.  Re: How to convert .p12 to .pem for CEM

    Posted Nov 19, 2018 10:03 AM

    Yeah, I downloaded OpenSSL onto my desktop and then used command prompt to generate .pem private key. Will try and see if that works with CEM recording.

     

    Thanks all.

    Manish



  • 6.  Re: How to convert .p12 to .pem for CEM

    Posted Nov 19, 2018 02:36 PM

    Hallett_German - for the private key (.pem) file to import successfully into CEM:

     

    A. does CEM crosscheck that key with that particular app traffic to see if it can decrypte?

     

    B. does CEM check to ensure the passphrase is correct for the .pem file?

     

    Is it A?

    Is it B?

    Is it A & B?

    Is is A or B?

     

    Basically, what does CEM need to successfully import a private key (.pem) file?



  • 7.  Re: How to convert .p12 to .pem for CEM

    Broadcom Employee
    Posted Nov 19, 2018 02:55 PM

    I don't believe it checks upon submission, but JMertin may be able to answer this.



  • 8.  Re: How to convert .p12 to .pem for CEM

    Broadcom Employee
    Posted Nov 19, 2018 03:07 PM

    I do know it checks the passphrase and you will get an error if it is incorrect. My guess is it doesn't do a.

     

    Thanks

    Hal German



  • 9.  Re: How to convert .p12 to .pem for CEM

    Posted Nov 19, 2018 03:10 PM

    My guess is the same. As long as the private key file (.pem) aligns with the passphrase.......CEM goes ahead and imports it.

     

    Now how to troubleshoot if the that .pem is NOT decrypting the traffic?



  • 10.  Re: How to convert .p12 to .pem for CEM

    Posted Nov 19, 2018 11:58 PM

    So, found out that the app performs a Diffie Hellman key exchange on the load-balancer. Since CEM doesn't support Diffie Hellman, we turned it off and problem solved.

     

    I am now able to see the transaction during recording in CEM.

     

    Cheers

    Manish



  • 11.  Re: How to convert .p12 to .pem for CEM

    Broadcom Employee
    Posted Nov 15, 2018 09:24 AM

    Thanks Junaid! Great to see community members helping out each other!



  • 12.  Re: How to convert .p12 to .pem for CEM
    Best Answer

    Posted Nov 15, 2018 11:17 AM

    mparikh72

    I don't have experience on windows cert. but trying to help you. check following link that might  help.

    https://www.sslsupportdesk.com/export-ssl-certificate-private-key-pfx-using-mmc-windows/



  • 13.  Re: How to convert .p12 to .pem for CEM

    Broadcom Employee
    Posted Nov 19, 2018 09:20 AM

    Thank You, useful!