Issue 1: I can't open my certificate files
If you need to copy & paste the content of your certificate files into any type of user interface (e.g. the user interface of your hosting provider), you can open both the .crt and .key files with any text editor of your choice, e.g. "Notepad" on Windows or "TextEdit" on Mac OS.
Issue 2: The certificate has the wrong file format
For some servers, such as Microsoft IIS and various Microsoft Azure services, it is required that certificate files are supplied in the PKCS12 (.p12 or .pfx file extension) file format.
ZeroSSL by default supplies certificates in PEM format. To convert your certificate to PKCS12 please follow these steps:
- Download your certificate from ZeroSSL and unzip it to a folder on your harddisk
- If you're using Windows, install OpenSSL and add it to your path. This guide might be helpful. MacOS has Openssl pre-installed, most Linux distributions as well.
- On MacOS and Linux open a terminal (on Windows open a command prompt) and change to the directory where you extracted the certificates to
- Run the following commands to generate the "certificate.p12" PKCS12 file:
On MacOS or Linux:
cat certificate.crt ca_bundle.crt > full_chain.crt
openssl pkcs12 -export -out certificate.p12 -inkey private.key -in full_chain.crt
On Windows:
copy /b certificate.crt + ca_bundle.crt full_chain.crt
openssl pkcs12 -export -out certificate.p12 -inkey private.key -in full_chain.crt
Troubleshooting guidelines
Before contacting us please try the following three things: