New post

Find

Article
· Jun 18 5m read

What is a PEM Certificate File & How to Create a PEM File?

#Databases #Encryption #Security #SSL #Other

A website protected with an SSL certificate gives visitors a secure and encrypted connection. But while protecting the respective website, many technical complexities arise. Among that, one such complexity is of the.PEM file.

But what exactly is a .pem file, and how can it be used for SSL certificates? This blog is here to demystify the process for you. You'll learn how to effortlessly convert and create a .pem file for your SSL certifications.

What is a Pem file?

A few years back, security communities and Google Chrome pushed the compulsion of having SSL certificates installed. However, not every small website owner is a tech giant who knows the ins and outs of SSL certificates. And if you are also unfamiliar with the complexities of PEM files, then you are in the right place. So, let’s begin by understanding what PEM is.

Privacy Enhanced Mail or PEM file is a commonly used container format that involves cryptographic information in relation to cryptography and computer security. It contains the public certificate or the SSL chain with public and private keys, intermediate and root certificates, and end-user certificates. Also, it is a type of Public Key Infrastructure file used for certificates and keys.

PEM file starts with -

-----BEGIN <type>-----

 and ends with -

-----END <type>-----

Everything in the middle is base64 encoded(lowercase and uppercase digits,/and +), which helps in forming a block of data that is usable in other programs. A single PEM file can easily hold multiple blocks.

Although it represents all types of data, it is mainly used to encode RSA keys for SSH and certificates for SSL encryption.

Initially, PEM was to make email secure, but now it is an Internet security standard. It is a text file that carries Base64 encoding of a plain text header and footer, and certificate text. These files have extensions like  .crt, .cer, .pem, or .key.

Using separate blocks, each certificate file gets listed in a PEM file. Here’s how-

-----BEGIN CERTIFICATE-----

//end-user

-----END CERTIFICATE---

-----BEGIN CERTIFICATE-----

//intermediate

-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----

//root

-----END CERTIFICATE-----

How to Use a .pem File for SSL Certificates?

The PEM file helps store SSL certificates and their associated private key. To use a PEM file for SSL certificates, configure your web server with the apt certificate and key files.

  • Firstly, generate a .pem file, which involves the certificates issued by the SSL provider, and put them in a specific server location. It’s the file used in servers like Apache and Nginx to encrypt HTTPS.
  • For Apache, you must define the SSLCertificateKeyFile and SSLCertificateFile directives in the virtual host configuration. In Nginx, you have to define the path to the .pem file in the server configuration.

The use of a .pem text file ensures that the web server has essential SSL certificates to enable safe HTTPS encryption for your domain.

How to Open a .pem File?

With Notepad on Windows and Text Edit on macOS, you can easily open a .pem file with a text editor.

Other than that, you can open a .pem file with Certificate Viewer. In case a PEM file contains  X.509 certificates, you can use a management tool and certificate viewer to open and view the certificate.

  • For Windows, use the built-in Certificate Manager and access it by pressing Win + R, typing- msc, and hitting Enter. Lastly, import the file and view the certificate.
  • For macOS, use the Keychain Access app to import certificates.
  • For Linux, OpenSSL displays certificates from the command line. Use the following command to view a certificate in a PEM file-

             openssl x509 -in your_cert.pem -text -noout

Pro Tip: Use the ssh-keygen tool if the file contains SSH keys.

How to create a .pem file for SSL Certificate Installations

You can create a .pem file manually or via OpenSSL. If you bought the certificate from CA and opened the required SSL files and with the PEM file extension, copy and paste the content into another file. Ensure the certificate order is apt as per the provider’s guidelines.

How to Generate a .pem File With OpenSSL?

Follow these steps to generate a .pem file with OpenSSL-

  1. Install OpenSSL
  2. Open a command prompt or terminal.
  3. To generate the .pem file, navigate to the directory.
  4. Run the command - openssl req -newkey rsa:2048 -nodes -keyout private.key -out csr.csr to generate a private key and CSR.
  5. Now, run the following command: “openssl x509 -req -in csr.csr -signkey private.key -out certificate.pem” to generate the .pem file.

How to Generate a .pem File From a Private Key?

To generate this, we will use OpenSSL -

  1. Open a command prompt or terminal.
  2. Navigate to the directory using the associated private key.
  3. Run the command: openssl rsa -in private.key -outform PEM -out private.pem

With this, the command converts the private key to PEM format.

How to Get the Private Key From a .pem File?

To get the private key from OpenSSL-

  1. Open a command prompt or terminal.
  2. With the .pem file, navigate to the directory.
  3. Run the command: openssl rsa -in yourfile.pem -out privatekey.pem
  4. Change ‘yourfile.pem’ to your .pem file name.
  5. When prompted, enter the passphrase.

How to Convert a .pem File?

With OpenSSL or an external file converter tool, you can easily convert a .pem file.

How to Create a .pem File from .crt?

With a conversion process, create a .pem certificate file from a .crt file. As the .crt file is already a certificate in the PEM format, there is no requirement for additional steps to convert it. You can rename the file extension if you wish to create a .pem file from a .crt file. Just right-click the file on Windows and select “Rename.”

How to Convert a .crt File to .pem with OpenSSL

To convert .crt File to .pem with OpenSSL, follow these steps

  1. Open a command prompt or terminal.
  2. To convert the .crt file to a .pem file, use the command: openssl x509 -in your_certificate.crt -out your_certificate.pem -outform PEM.
  3. Replace your_certificate.pem with the desired name for the .pem file and your_certificate.crt with the actual name of your .crt file.

Frequently Asked Questions (FAQs)

1.    Can Windows Use .pem?

The answer is Yes. However, specific Windows applications that are related to Microsoft might require keys and certificates in another format, like .cer or .pfx. Using OpenSSL, you can convert the .pem file to these formats.

2.    Is a .pem File a Private Key?

Although it can, it does not every time. As a container format, it includes the entire certificate and public certificate chain.

Discussion (0)1
Log in or sign up to continue
Question
· Jun 18

Databases inside a Namespace

#InterSystems IRIS for Health

Hi,

I want to write a program to:

- list all defined namespaces

- for each namespace, the databases making up the namespace

Python would be ideal but ObjectScript is OK.

Would someone know how to do this?

Thanks

4 Comments
Discussion (4)3
Log in or sign up to continue
InterSystems Official
· Jun 17

IRIS 2025.1 日本語ドキュメント公開 & ランチャーからの参照方法

#InterSystems IRIS #InterSystems IRIS for Health #Health Connect #InterSystems Official #Supply Chain Orchestrator #Documentation

このたび InterSystems IRIS 2025.1 の日本語ドキュメントが完成しました。以下のURLでご参照いただけます。

IRIS 2025.1 https://docs.intersystems.com/iris20251/csp/docbookj/DocBook.UI.Page.cls
IRIS for Health 2025.1 https://docs.intersystems.com/irisforhealth20251/csp/docbookj/DocBook.UI.Page.cls
Health Connect 2025.1 https://docs.intersystems.com/healthconnect20251/csp/docbookj/DocBook.UI.Page.cls
Supply Chain Orchestrator 2025.1 https://docs.intersystems.com/supplychain20251/csp/docbookj/DocBook.UI.Page.cls

<--break->IRIS for Windows では、ランチャーの [ドキュメント] をクリックしたときに、好きな日本語ドキュメントを表示させることができます。

ランチャーのドキュメントリンク先は、デフォルトでは英語ドキュメントに飛ぶようになっています。ご希望の日本語ドキュメントを表示させるには、IRISサーバがIISを利用している場合は、IRISサーバ上で以下の(1)(2)を実行し、HTTPリダイレクト機能をインストール&リダイレクトを設定する必要があります。

(1) IIS HTTPリダイレクト機能追加 (まだの場合)

IRISサーバ上のIISに、リダイレクト機能を追加します。
[Windows の機能の有効化または無効化]→[インターネット インフォメーション サービス]→[World Wide Web サービス]→[HTTP 共通機能]→[HTTP リダイレクト]→[OK]

(2) 日本語ドキュメントへのリダイレクト設定

IRISサーバ上でコマンドプロンプトを管理者モードで起動し、以下3行を実行してください。これにより、希望の日本語オンラインドキュメントへのリダイレクトが設定されます。

注意
※2行目の /path は /<インスタンス名>/csp/docbook になります。以下の例では、インスタンス名=IRIS です。また、 /physicalPath は任意のフォルダで構いませんが、フォルダが存在している必要があります。
※3行目の /destination は、表示したいドキュメントの docbookj までを指定します。以下の例では、IRIS for Health にリンクしています。

cd C:\windows\system32\inetsrv
appcmd add app /site.name:"Default Web Site" /path:/iris/csp/docbook /physicalPath:c:\inetpub\docbook
appcmd set config "Default Web Site/iris/csp/docbook" /section:httpRedirect /enabled:true /destination:https://docs.intersystems.com/irisforhealth20251/csp/docbookj

IRISサーバが Apache を利用している場合は、こちら の手順をご覧ください。

 

なお、過去バージョンを含めた、日本語ドキュメント一覧は こちら からご確認いただけます。
ぜひ日本語ドキュメントをご活用いただき、IRIS 製品をより便利にお使いください。

Discussion (0)0
Log in or sign up to continue
Question
· Jun 17

Concatenation Issue

#DTL #HL7 #InterSystems IRIS for Health #Caché #Ensemble

I am trying to add a value to my concatenation string and the value is not being inserted in the right place. I am adding onto this code from another developer and cannot seem to get it to work. The only code I have added is underlined in bold red.

This is how the translated HL7 message looks:

OBX|1|CE|CDX^History||Specimen 1 Clinical History: CLINICAL HISTORY\.br\\.br\Specimen 2 Clinical History: CLINICAL HISTORY 2\.br\Specimen 1 Suspected Clinical Diagnosis\.br\Specimen 3 Clinical History: HISTORY 3\.br\Specimen 2 Suspected Clinical Diagnosis

This is how it should look:

OBX|1|CE|CDX^History||Specimen 1 Clinical History: CLINICAL HISTORY\.br\Specimen 1 Suspected Clinical Diagnosis\.br\Specimen 2 Clinical History: CLINICAL HISTORY 2\.br\Specimen 2 Suspected Clinical Diagnosis\.br\Specimen 3 Clinical History: HISTORY 3\.br\Specimen 3 Suspected Clinical Diagnosis

<if condition='..In(tProcedure,"LAB6734")' >
<annotation> ***** Is a LAB6734 DERMATOPATHOLOGY REQUEST ***** </annotation>
<true>
<assign value='..MakeLoop("Data",15)' property='vLoop' action='set' />
<assign value='1' property='vCtr' action='set' />
<assign value='""' property='vOBX3values' action='set' />

<foreach property='vLoop()' key='vKey1' >
<assign value='vOBX3values_"SPEC"_vCtr_"HX,SPEC"_vCtr_"HXC,SPEC"_vCtr_"DX,"' property='vOBX3values' action='set' />
<assign value='vCtr+1' property='vCtr' action='set' />
</foreach>
<assign value='$Piece(vOBX3values,",",1,*-1)' property='vOBX3values' action='set' />
<assign value='""' property='vSpecComments' action='set' />
<assign value='""' property='vOBX3Dx' action='set' />

<foreach property='source.{ORCgrp.OBX()}' key='k2' >
<assign value='source.{ORCgrp.OBX(k2):3.1}' property='vOBX3s1' action='set' />
<if condition='..Contains(source.{ORCgrp.OBX(k2):3.1},"CLINDX")'>
<true>
<assign value='source.{ORCgrp.OBX(k2):3.2}' property='vOBX3Dx' action='set' />
</true>
</if>
<if condition='vOBX3s1 = "347"' >
<true>
<assign value='""' property='vOBX3s2' action='set' />
</true>
<false>
<assign value='source.{ORCgrp.OBX(k2):3.2}' property='vOBX3s2' action='set' />
</false>
</if>
<assign value='source.{ORCgrp.OBX(k2):5()}' property='vOBX5' action='set' />
<if condition='..In(source.{ORCgrp.OBX(k2):3.1},vOBX3values)' >
<true>
<assign value='vSpecComments_vOBX3s2_" "_vOBX5_"\.br\"_vOBX3Dx_"\.br\"' property='vSpecComments' action='set' />
</true>
</if>
</foreach>
<assign value='$Piece(vSpecComments,"\.br\",1,*-1)' property='vSpecComments' action='set' />
<assign value='"1"' property='target.{OBX(1):1}' action='set' />
<assign value='"CE"' property='target.{OBX(1):2}' action='set' />
<assign value='"CDX^History"' property='target.{OBX(1):3}' action='set' />
<assign value='$Replace(vSpecComments,"~",";  ")' property='target.{OBX(1):5}' action='set' />
</true>

Discussion (1)1
Log in or sign up to continue
Article
· Jun 17 2m read
Open Exchange

Utilitário Multilíngue de Generative AI para WorkBench de Pattern Match

#Artificial Intelligence (AI) #Generative AI (GenAI) #InterSystems IRIS

Público-alvo

  • Pessoas interessadas em explorar novos usos para Generative AI.
  • Desenvolvedores e analistas que buscam uma forma rápida de lidar com o operador Pattern Match.

Em ObjectScript e SQL, esse operador costuma ter um formato bastante denso visualmente.

Exemplo:

 if booking?2A1"-"1(1"CARD",1"RAD")1.5N
SELECT DISTINCT PatientRef
FROM APPOINTMENT.BOOKING
WHERE Active='Y' AND
LocationCode %PATTERN '2A1"-"1(1"CARD",1"RAD")1.5N'

Desafio

Usar Generative AI para ajudar a criar e modificar códigos de pattern match a partir de descrições em linguagem natural.

Inglês Francês Espanhol
module A
um de String "CARD" ou "RAD"
O padrão principal é:
duas letras, seguido de um hífen, seguido de um module A, seguido de um a cinco números		 module A
un de Corde "CARD" ou "RAD"
le motif principal est:
deux lettres alphabétiques, suivi d’un tiret, suivi d’un module A, suivi d’un à cinq chiffres		 módulo A
uno de Cadena "CARD" o "RAD"
el patrón principal es:
dos letras alfabéticas, seguido de un guion, seguido de un módulo A, seguido de uno a cinco números

 

Link para demonstração online

Pattern Match WorkBench (hospedado no HuggingFace)

Funcionalidades Atuais

  • Exibição multilíngue
  • Aplicação auto-documentada — mostra onde os padrões são utilizados no produto IRIS
  • Converte descrições em inglês, francês e espanhol para expressões de pattern match
  • Descreve um código pattern match existente em linguagem simples (inglês, francês ou espanhol)
  • Gera listas de valores que combinam ou não com a expressão
  • Valida um lote de valores de uma tabela contra a expressão pattern match no código
  • Extrai padrões de linhas de código ObjectScript ou SQL — basta colar a linha e o demo detecta o padrão

Recursos em desenvolvimento

  • Geração automática de padrões generalizados com base em uma lista de valores que correspondem
  • Atalhos para tipos de dados comuns, como e-mail, URL etc.

Tecnologias utilizadas

  • Python para lógica server-side, treinamento de modelo e criação de dataset
  • Gradio — framework de front-end web
  • HuggingFace — para treinamento dos modelos e deploy da aplicação

 

Agradecemos qualquer feedback.
Muito obrigado.

1 Comment
Discussion (1)2
Log in or sign up to continue