The file formats and naming convention of extensions is all over the place.
PEM Format
The most common format that CAs issue certificates in. The extension can be,
- crt
- cert
- pem
- key
The file is also Base64 encoded ASCII and contains "----BEGIN CERTIFICATE---" and "---END CERTIFICATE----". The following certificates can be stored as PEM,
- Server Certificates (this the CA signed public key certificate)
- Intermediate Certificates
- Private Keys
The BonsaiFramework uses crt for the following certificates because the extension is recognized by Windows. Double-clicking on a crt file in Windows will show details about the certificate,
- Server Certificates
- Intermediate Certificates
By convention and because these keys do not work in Windows, Private Server Keys use the .key extension.
Converting from Open SSL to IKeyman
This has not been verified. I ended up recreating my certificate as the version of IKeyman had a bug exporting certificates from the key database.
Import OpenSSL to IKeyman - http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/index.jsp?topic=/com.ibm.itame.doc/ss7cumst46.htm
IBM IHS import experience - http://luskwater.blogspot.com/2009/04/importing-certificates-from-openssl.html
Import OpenSSL to IKeyman (this doc looks complete) - http://i-proving.ca/space/Brett+Dubroy/blog/2008-08-07_1
References
Good description of formats - https://www.sslshopper.com/ssl-converter.html
OpenSSL uses PKCS#12 (what is this a format?) as input and PEM as output - http://www.openssl.org/docs/apps/pkcs12.html#COMMAND_OPTIONS
More discussion on formats - http://www.bo.infn.it/alice/introgrd/certmgr/node2.html
Converting between formats - http://support.sas.com/documentation/cdl/en/secref/62092/HTML/default/viewer.htm#a002815156.htm
See what is in a cert - http://www.sslshopper.com/certificate-decoder.html