Skip to content

What are those PEMs and DERs files?

The installation folder of Web Safety contains several PEM and DER files. These can be misleading sometimes. This article tries to explain what those file mean.

  • The myca.pem is a self signed Root Decryption Certification file that proxy process uses to mimic the certificates of the HTTPS decrypted sites. The myca.der is its corresponding certificate in the DER format that needs to be installed in the browser in order to establish a trust to the proxy. See this article for more information.

  • The admin_ui.key is a private key the Apache/UI will use to self sign HTTPS access to itself. The admin_ui.pem is the certificate chain corresponding to that private key that Apache/UI will send to connecting browsers to establish HTTPS. See the next article for more information.

  • Finally the license.pem is also a time based certificate that is used in ICAP web filtering daemon as a licensing scheme.

Those three have nothing to do with each other.