What is a PEM file?
PEM Stands for Privacy-Enhanced Mail (PEM), is a file format for storing and sending cryptographic keys, certificates, and other data.PEM was initially invented to make e-mail secure. PEM file can be used for multiple purposes.
The .pem file defines the structure and encoding file type that is used to store the data using base64.
PEM File Format
The label determines the type of message encoded. Common labels include CERTIFICATE
, CERTIFICATE REQUEST
, PRIVATE KEY
and X509 CRL
.A single PEM file can contain multiple blocks.
Examples. For Private key
-----BEGIN PRIVATE KEY-----
MIIEowIBAAKCAQEAxZls7NgRS5rtDH+mCgEeqSO12BiPAY2dhZZbTkPEoDUVqG46
PHGIBBERISHFKS3xE4eMMY+uWPriviY0W12EFqYBUJDq6GmGSQPMSI8Kep7OgVGK
FKX4+O45RrJwcQGI2M+pbD4+Ow28iEsNP3flQKvamNuezm2VallhGiO/E39UITrB
27FWM1pLQo5etyE378h5q8BKMGKt1ZPxPhjiNjBefGZ1Dscw7CA5
-----END PRIVATE KEY-----
For Certificate
-----BEGIN CERTIFICATE-----
EYHTOdutngBAAKCAQEAxZls7NgRS5rtDH+mCgEeqSO12BiPAY2dhZZbTkPEoDUVqG46
PHGIBBERISHFKS3xE4eMMY+uWPriviY0W12EFqYBUJDq6GmGSQPMSI8Kep7OgVGK
d2t3/Lq+I8ZqlFwAgPwS7n18mlgTV/YyA0HCCIa+kZGKqbsuylfsODUAJGQqOtUM
27FWM1pLQo5etyE378h5q8BKMGKt1ZPxPhjiNj7jsdhtHy3tG
-----END CERTIFICATE-----
PEM data is commonly stored in files with a ".pem" suffix, a ".cer" or ".crt" suffix (for certificates), or a ".key" suffix (for public or private keys).
The label inside a PEM file represents the type of data more accurately than the file suffix since many different types of data can be saved in a ".pem" file.
In particular, PEM refers to the header and base64 wrapper for a binary format contained within but does not specify any type or format for the binary data, so that a PEM file may contain "almost anything base64 encoded and wrapped with BEGIN and END lines".
Why base64?
PEM format encodes binary with base64 so that it exists as an ASCII string.
Conclusion
In this article, we have gone through what is a PEM file, is basic format, different supporting file types, and why .pem file is encoded in base64.