See below for exporting a certificate to a file.

To export a certificate

1. Log in as an administrator with either:
   • A global_admin role.
   • The <ca>_admin role for the certificate authority that issued the certificate.
2. Go to Control > Certificates.
3. In the main grid, click Select Action > Export for the certificate.
4. In the Export format list, select one of the following values.
   • PEM - Base64 encoded public certificate and private key (.pem)
   • PKCS12 - Encrypted public certificate and private key (.p12)
   • DER - Binary encoded public certificate (.der)

5. In the Export Filename field, enter a name for the exported file. Certificate Hub provides a default name that you may override.

   Exported files will go to your browser's download directory.

6. Select the elements to include in the generated file.
   • The Include Public Certificate checkbox is available for all formats.
   • The Include Certificate Chain checkbox is available for PEM and PKCS#12 formats.
   • The Include Private Key checkbox is available for PEM and PKCS#12 formats.

PEM - Base64 encoded public certificate and private key (.pem)

Select this format to export the base64 encoding of the public certificate and private key. Run the following command to view the file after exporting.

You'll find that the PEM format consists of a set of blocks delimited with BEGIN and END markers.

PKCS12 - Encrypted public certificate and private key (.p12)

Select this format to export the certificate, the chain, and the private key in PKCS #12 file. When selecting this format, the Export dialog displays an additional Password field to enter a password for protecting the PCKS #12 contents.

Run the following command to decrypt and view the file.

DER - Binary encoded public certificate (.der)

Select this format to export a binary DER-encoded file typically used for public certificates, so Certificate Hub limits the options here. Run the following command to view the file contents.