OnlineNIC SSL Certificate tools - to help you check, generate, verify, convert SSL certificate, provide everything you need with SSL certificate.

Resellers| FAQ |Help

Forget Details?

Domains

Register A Domain

Premium Domain Name

Domain Reseller

Free Service

Promotions

Domain Add-Ons

Domain Name Whois

Domain Monetizing

Domain Escrow Service

Pre-order Domain names

Domain Privacy

New gTLDS

With hundreds of new gTLDS available, now we have a lot more options to get the right name that fits your business or service. Its more memorable, more meaningful and more relevant.

Learn more
SSL Certificates

SSL Certificates

The key to cyber security is to always stay one step ahead. Nowadays, no component of security solution in defending your website is more important than SSL/TLS.

SSL Tools

SSL wizard

SSL Brands

Symantec GeoTrust RapidSSL Sectigo Sectigo Positive

SSL types

DV Certificates(Basic certificate)

OV Certificates (High assurance)

EV Certificates (Maximum Trust)

Multi-Domain/SAN/UCC certificates

Wildcard Certificates

Code Signing Products

S/MIME - Email Certificate
Cloud
Elastic Cloud Server

OnlineNIC ECS provides secure, resizable compute capacity to make web-scale cloud computing easier for developers and save their costs. All ECS instances come with Anti-DDoS protection to safeguard your data and applications from DDoS and Trojan attacks.

Pricing Partner Program
- Calculator
Reseller Hosting

Reseller Hosting

For reseller hosting

Personal Hosting

For individual/small website

Demo

Hosting Services

We all know that finding a cheap, reliable web hosting with unlimited user accounts is not a simple task so we've put all the information you need in one place to help you make your decision.
cPanel Contrl Panel
Full-Featured Linux Plan
Unlimited Domains
Email
DB Support

Learn more
Website Builder
Email Solution

Enterprise Email

The hosted Email platform that Adapts to your business
Traditional Business email is out! Try your new experience of Intra Communication Solution with OnlineNIC now!

Why us Free Trial

APP - Mailchat
WHMCS Module
Reseller
Reseller program

Product pricing

Value Added service

Referral program

Click on the specific tool tab based on your need below and proceed

SSL Checker

Certificate Decoder

CSR Decoder

Certificate Key Matcher

SSL converter

Server host name	port

Well done! It is a secure connection! view certificate detail >>

Server Certificate Information:

Common Name
Subject Alternative Names
Organization
Location
Valid From
Valid To
Issuer
Serial Number
Key Size
Algorithm

Server DNS Information:

IP address
Server type

Certificate Chain:

You may simply paste text of SSL certificate into the box below and our Decoder will check it.
Your Certificate should start with
"-----BEGIN CERTIFICATE-----"
and end with
"-----END CERTIFICATE-----"
If you want to decode certificates on your own server with OpenSSL command, use command below.

OpenSSL> x509 -in example.crt -text -noout

Common Name:
Company:
Department:
Province:
Country:
Valid From:
Valid To:
Serial Number:
Key Size:
Algorithm:

You may simply paste your CSR into the box below and our Decoder will check it.
Your CSR should start with
"-----BEGIN CERTIFICATE REQUEST-----"
and end with
"-----END CERTIFICATE REQUEST-----"
If you want to check CSRs on your own server with OpenSSL command, use command below.

openssl req -in example.csr -noout -text

Common Name:
Organization:
Organizational Unit:
City/Locality:
State/Province:
Country:
Email:

The Certificate Key Matcher simply compares a hash of the public key from the private key, the certificate, or the CSR and tells you whether they match or not. You can check whether a certificate matches a private key, or a CSR matches a certificate on your own computer by using the OpenSSL commands below:

openssl pkey -in privateKey.key -pubout -outform pem | sha256sum
openssl x509 -in certificate.crt -pubkey -noout -outform pem | sha256sum
openssl req -in CSR.csr -pubkey -noout -outform pem | sha256sum

Your private key is intended to remain on the server. While we try to make this process as secure as possible by using SSL to encrypt the key when it is sent to the server, for complete security, we recommend that you manually check the public key hash of the private key on your server using the OpenSSL commands above.

Check if a Certificate and a Private Key match Check if a Certificate and a CSR match

Enter your Certificate:

Enter the private key

Enter the CSR

If your server/device requires a different certificate format other than Base64 encoded X.509, a third party tool such as OpenSSL can be used to convert the certificates into the appropriate format. OpenSSL is an open source tool. You can find some common openssl commands for conversion at the bottom of page. You may also try with our free SSL Converter.

Your private key is intended to remain on the server. While we try to make this process as secure as possible by using SSL to encrypt the key when it is sent to the server, for complete security, we recommend that you manually convert SSL certificate on your server using the OpenSSL commands below.

Your certificate

Type of current certificate

Convert certificate to

CA Intermediate certificate (Optional)

Private Key

Enter PFX Password (Keep it safe)

OpenSSL Commands to Convert SSL Certificates on Your Machine

Common commands are listed below for your reference.

Convert x509 to PEM

openssl x509 -in certificatename.cer -outform PEM -out certificatename.pem

Convert PEM to DER

openssl x509 -outform der -in certificatename.pem -out certificatename.der

Convert DER to PEM

openssl x509 -inform der -in certificatename.der -out certificatename.pem

Convert PEM to P7B

Note: The PKCS#7 or P7B format is stored in Base64 ASCII format and has a file extension of .p7b or .p7c. A P7B file only contains certificates and chain certificates (Intermediate CAs), not the private key. The most common platforms that support P7B files are Microsoft Windows and Java Tomcat.

openssl crl2pkcs7 -nocrl -certfile certificatename.pem -out certificatename.p7b -certfile CACert.cer

Convert PKCS7 to PEM

openssl pkcs7 -print_certs -in certificatename.p7b -out certificatename.pem

Convert PFX to PEM

openssl pkcs12 -in certificatename.pfx -out certificatename.pem

Convert P7B to PFX

STEP 1: Convert P7B to CER

openssl pkcs7 -print_certs -in certificatename.p7b -out certificatename.cer

Step2: Convert CER and Private Key to PFX

openssl pkcs12 -export -in certificatename.cer -inkey privateKey.key -out certificatename.pfx -certfile cacert.cer

Disclaimer, Limitation of liability, and Indemnity

It is your responsibility to hold the safety and security of the private key, CSR generated and other information presented on this website. OnlineNIC do not save, store, any information in this regard.

YOU UNDERSTAND AND AGREE THAT YOUR USE OF THE SERVICE IS SOLELY AT YOUR OWN RISK AND THAT THE SERVICE IS PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS. OnlineNIC EXPRESSLY DISCLAIMS ALL WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT.

To the fullest extent permitted by law, OnlineNIC:

- excludes all representations and warranties relating to this website and its contents or tools, including in relation to any inaccuracies or omissions in this website and/or the Company’s literature;

- excludes all liability for damages arising out of or in connection with your use of any facility, tools, script provided on this website. This includes, without limitation, direct loss, loss of business or profits (whether or not the loss of such profits was foreseeable, arose in the normal course of things or you have advised this Company of the possibility of such potential loss), damage caused to your computer, computer software, systems and programs and the data thereon or any other direct or indirect, consequential and incidental damages.

You agree to release, indemnify, defend and hold harmless OnlineNIC and its officers, directors, shareholders, contractors, agents, employees, licensors and assigns from all liabilities, claims, damages, costs and expenses, including reasonable attorneys’ fees, made by any third party due to or arising out of or in connection with your breach or alleged of these Terms of Service and your use of the Service. OnlineNIC reserves the right, at its own expense, to assume the exclusive defense and control of any matter otherwise subject to indemnification by you, in which event you will assist and cooperate with OnlineNIC in asserting any available defenses.

Click on the specific tool tab based on your need below and proceed

Server Certificate Information:

Server DNS Information:

Certificate Chain:

Result

Result

Result

OpenSSL Commands to Convert SSL Certificates on Your Machine

Convert x509 to PEM

Convert PEM to DER

Convert DER to PEM

Convert PEM to P7B

Convert PKCS7 to PEM

Convert PFX to PEM

Convert P7B to PFX