What is a PEM certificate?

PEM is a Base64-encoded DER certificate wrapped with -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- headers.

How do I get a PEM certificate?

You can export it from a browser (click the padlock → View Certificate → export), from openssl (openssl s_client -connect host:443), or from your server config.

Is my certificate sent to a server?

No. All decoding is done in your browser using a JavaScript ASN.1/DER parser.

SSL Certificate Decoder

Paste a PEM certificate and decode its subject, issuer, validity dates, SANs, and more.

$PEM Certificate

lines

0 chars1 lines

Related Tools

#CSR Decoder

Paste a PEM CSR and decode its subject, public key algorithm, and signature algorithm.

#Certificate Fingerprint Calculator

Calculate SHA-1 and SHA-256 fingerprints of a PEM certificate in colon-separated hex.

#SSL Expiry Calculator

Find out how many days until an SSL certificate expires. Paste a PEM or enter a date.

#PEM Key Parser

Paste a PEM private or public key to detect its type, algorithm, and key size.

FAQ

What is a PEM certificate?: PEM is a Base64-encoded DER certificate wrapped with -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- headers.
How do I get a PEM certificate?: You can export it from a browser (click the padlock → View Certificate → export), from openssl (openssl s_client -connect host:443), or from your server config.
Is my certificate sent to a server?: No. All decoding is done in your browser using a JavaScript ASN.1/DER parser.

Decode an X.509 SSL/TLS certificate in PEM format. Strips the PEM headers, Base64 decodes the DER bytes, and parses the ASN.1 structure to extract: subject (CN, O, OU, C), issuer, serial number, validity period (Not Before / Not After), public key algorithm and size, signature algorithm, and Subject Alternative Names (SANs). All parsing is done client-side in JavaScript.