Encryption methods

The files that contain certificates and private keys must use one of two encryption methods:

  • DER (Distinguished Encoding Rules)

    Sometimes known as ASN.1, this uses binary data. A DER file can be transmitted as an attachment to an email message. This is the preferred method.

  • PEM (Privacy Enhanced Mail)

    This uses printable ASCII data. A PEM file is an ASCII version of a DER file, typically used when an email recipient cannot accept attachments. A PEM file can be cut and pasted into an email message.

It is not necessary for both files to use the same method. For example, your organization might generate its own DER private key files, but obtain PEM certificate files from elsewhere.