• Command line arguments
• Settings.json
• Plugins
  • Source
    • IIS
    • Manual
    • CSR
  • Validation
    • HTTP validation
      • Self-hosting
      • Filesystem
      • FTP(S)
      • SFTP
      • WebDav
      • REST
    • DNS validation
      • acme-dns
      • Alibaba (Aliyun)
      • Azure (Microsoft)
      • Cloud DNS (Google)
      • Cloudflare
      • DigitalOcean
      • DNSEXIT
      • DNS Made Easy
      • Domainname.shop
      • Dreamhost
      • GoDaddy
      • Hetzner
      • InfoManiak
      • Linode (Akamai)
      • LuaDNS
      • Manual
      • NS1
      • RFC2136
      • Route53 (Amazon)
      • Script
      • Simply
      • Tencent
      • TransIP
    • TLS validation
      • Self-hosting
  • Order
    • Single
    • Host
    • Site
    • Domain
  • CSR
    • RSA
    • EC
  • Store
    • Azure KeyVault
    • Certificate Store
    • Central Certificate Store
    • .pem files (Apache etc.)
    • .pfx file
    • User Store
  • Installation
    • IIS bindings
    • Script

PemFiles

Designed for Apache, nginx and other web servers. Exports a .pem file for the certificate and private key and places them in the path provided by the --pemfilespath parameter, or the Store.PemFiles.DefaultPath setting in settings.json.

Files created are:

• {name}-crt.pem (certificate)
• {name}-key.pem (private key)
• {name}-chain.pem (certificate plus chain)
• {name}-chain-only.pem (chain without certificate)

By default {name} will be the common name of the certificate (i.e. the primary host name), but this may be overruled with the --pemfilesname parameter.

You can also optionally have the -key.pem file password protected, though you should make sure that the software you intend to consume the key with supports this as well.

Unattended

--store pemfiles [--pemfilespath C:\Certificates\] [--pempassword ******] [--pemfilesname mycert]