.PEM File Extension
Privacy Enhanced Mail Certificate
3.8 | 91 Votes
What is a PEM file?
A PEM file is a Base64-encoded certificate file used to authenticate a secure website. It may contain a private key, certificate authority (CA) server certificate, or other various certificates that make up the trust chain. PEM files are typically imported from a Unix-based Apache Web server and compatible with OpenSSL applications.
Secure certificates, like PEM-encoded X.509 certificates, are a way to verify the security and authenticity of an organization online. Organizations apply for certificates from third-party CA companies, such as Verisign or Thawte, and receive a secure certificate if they are deemed legitimate and trustworthy. The certificate is then uploaded to a secure web server to indicate that the organization's website is trustworthy, which is reassuring for Internet users making purchases and entering sensitive information online.
The Privacy Enhanced Mail (PEM) format was originally developed to secure mail in the 1990s but was never widely adopted. Instead, the PEM container was re-purposed for storing certificate-related information.
You most likely will not encounter a PEM file unless you are a webmaster since PEM certificate files are generated automatically and are not meant to be opened or edited manually. However, some secure websites may ask users to upload a PEM file (possibly sent in an email) in order to authenticate their identity.
If you do need to view the contents of a PEM file, you can open it with a text editor, such as Microsoft Notepad or Apple TextEdit. The file consists of one or more headers that indicate the information stored in the file. For example, a PEM file that contains an RSA private key and a certificate will look like this:
-----BEGIN RSA PRIVATE KEY-----
[RSA private key text]
-----END RSA PRIVATE KEY-----
NOTE: PEM files are similar to .DER certificate files, but contain Base64-encoded text instead of binary data and are typically used by open source (Linux and Unix) web servers instead of Windows web servers. .CER and .CRT files are also saved in the PEM format but only store certificates.