Certificate Formats and Commonly Used File Extentions The X.509v3 documents in ASN.1 DER or PEM format are always decoded into XML files compliant with XER (XML Encoding Rules) as defined in the standard X.693 of the ITU-T. The ".xer" extension is suggested for the XER files. File Formats by Common Extentions CSR extension The CSR extension is used for certificate requests. The certificate requests may be encoded as binary DER or as ASCII PEM. CER extension The CER extension is used for certificates. The certificates may be encoded as binary DER or as ASCII PEM. The CER and CRT extensions are synonymous. CRT extension The CRT extension is used for certificates. The certificates may be encoded as binary DER or as ASCII PEM. The CER and CRT extensions are synonymous. DER extension The DER extension is used for binary DER encoded certificates. These files may also bear the CER or the CRT extension. Future versions of Xcarecrows 4 X509 will use the DER extension for different X.509v3 document types. KEY extension The KEY extension is used both for public and private PKCS#8 keys. The keys may be encoded as binary DER or as ASCII PEM. PEM extension The PEM extension is used for different types of X.509v3 files which contain ASCII (Base64) armored data prefixed with a "----- BEGIN ..." line. P12 extension The P12 extension is used for PKCS#12 keyring files. This is a binary-only format. BIN extension The BIN extension is used as a placeholder for X.509v3 documents or fragments encoded as binary DER. Choosing a different extension should be preferred when possible. CRL extension The CRL extension is used for certificates revocation list. The list may be encoded as binary DER or as ASCII PEM. --------------------------------------------------------------------------------