What Is a PEM (Privacy Enhanced Mail) File & How to Create It?

3 votes, average: 4.67 out of 53 votes, average: 4.67 out of 53 votes, average: 4.67 out of 53 votes, average: 4.67 out of 53 votes, average: 4.67 out of 5 (3 votes, average: 4.67 out of 5, rated)
PEM file

PEM (Privacy Enhanced Mail) Is the Base64 Encoded DER Certificate Used by Webservers

SSL has been around for many years. After years of the push by the popular browser like Google to make SSL mandatory, simple websites have also learned how vital SSL certificate is. Henceforth, most website owners have started getting an SSL certificate once their website is built.

But, many are new when it comes to SSL certificates, and it’s highly possible they may hang up with several cybersecurity complexities. And among complexities, one such complexity is of the .PEM file.

So, if you’re among those wondering what a .pem file is, how to create a pem file, or any other question related to it, then keep reading. We’re going to cover all of it.

What Is a PEM File?

Once your SSL certificate gets issued, CA (Certificate Authority) like Comodo SSL and Sectigo SSL sends different files along with a CAs intermediate certificate, server certificate, and the private key. Likewise, such files get encoded within a single file “container.” And one such container file type is PEM (Privacy Enhanced Mail).

Privacy Enhanced Mail is one of the container formats for keys and digital certificates. Usually, Apache and other web server platforms use it. In other words, PEM is a file extension that consists of multiple certificate files.

Likewise, the PEM file is majorly used by X.509 certificates, and it’s one of the text files containing Base64 encoding of the text within the certificate, like a plain text header and footer that marks the beginning and end of the certificate.

Likewise, here below are the examples of .PEM file:

Private Key




CAs Certificate for the Server




Trust Chain Intermediate Certificate


MIIEaTCCA1GgAwIBAgILBAAAAAABRE7wQkcwDQYJKoZIhvcNAQELBQAwVzELMAkGC33JiJ1Pi/D4nGyMVTXbv/Kz6vvjVudKRtkTIso21ZvBqOOWQ5PyDLzm+ebomchjSHh/VzZpGhkdWtHUfcKc1H/hgBKueuqI6lfYygoKOhJJomIZeg0k9zfrtHOSewUjdHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29tL3JlcG9zaXRvcnkvMDMGA1UdHwQsMCowKKAmoCSGImh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5uZXQvcm9vdC5jcmwwPQYIKwYB K1pp74P1S8SqtCr4fKGxhZSM9AyHDPSsQPhZSZg=


Trust Chain Root Certificate



Here’s How to Create a PEM File

Sometimes servers don’t support other file formats except for PEM files. Henceforth, you don’t have any option but to have a PEM file ready. Likewise, if you’re questioning how to create a it, then no worries, it’s pretty simple. Here, below are the steps you need to follow for creating a PEM file:

Download your intermediate, root, primary certificate, and private key files that you received from Certificate Authority (CA) like Sectigo or Comodo.

Open a text editor like Notepad or Notepad++ and paste the entire content of all the certificate files one by one along with the private key in the order mentioned below:

The Private Key

The Main SSL Certificate

An Intermediate Certificate

The Root Certificate

Starting & Ending tags like below:


(Your Private Key)



(Your Primary SSL certificate)



(Your Intermediate certificate)



(Your Root certificate)


Furthermore, save your file similar to your domain name with a .pem extension like example_domain_name.pem, and that’s it. Your PEM certificate is created.

What’s the Use of .PEM File?

PEM files help store SSL certificates and their associated private key. Likewise, you can store multiple credentials with an entire SSL chain. It’s the file used in servers like Nginx and Apache for encrypting HTTPS.

How Secure Is PEM File?

Privacy Enhanced Mail is a PKI (Public Key Infrastructure) file used for certificates and keys. It was initially invented for making email messages secure, but now it’s one of the Intranet security standards.

Is .PEM File Similar to Key File?

No, both are different. Key files are usually private keys used for encrypting and packaging data for further verifications by clients. And PEM files are the public key that clients use to verify and decrypt data or information sent by servers.

How to Read a .PEM File?

It’s is an encoded certificate that contains blocks of encoded texts that have all the information and public key of the certificate. And one of the simplest ways is to double click and open it using the text editor.

comodo logo

COMODO SMIME Certificates – Starts at $7.99/Yr.

Buy or renew SMIME certificates and save up to 90% at CheapSSLweb.com. It comes with email encryption, email signing, and client authentication features.

Janki Mehta

Janki Mehta

Janki Mehta is a Cyber-Security Enthusiast who constantly updates herself with new advancements in the Web/Cyber Security niche. Along with theoretical knowledge, she also implements her practical expertise in day-to-day tasks and helps others to protect themselves from threats.

Buy Cheap Wildcard SSL