API Reference
A single POST endpoint that converts an SSL certificate from one format to another.
Endpoint
POST https://ae8.com.br/sslconverter/api/
The legacy URL (/sslconverter/) also accepts POSTs and forwards them
to this endpoint, so existing integrations keep working without changes.
Authentication
Each request must carry a valid API key, by any of:
- Query string:
?key=YOUR_KEY - Form field:
key=YOUR_KEY - Header:
X-API-Key: YOUR_KEY
Invalid or missing keys return 401.
Request body (multipart/form-data)
| Field | Required | Description |
|---|---|---|
| certFile | yes | The source certificate file. |
| certTypeFrom | yes | Source format: pfx, pem, der, crt, cer, p7b, key. |
| certTypeTo | yes | Target format (same set). |
| certPassword | when needed | PFX import password, or export password when producing a PFX. |
| keyFile | when needed | Private key, required only when certTypeTo=pfx and certTypeFrom is not pfx. |
| json | no | Set to true/1 to receive a JSON envelope with download links and timing, instead of the binary file. |
Supported conversions
pfx → crt, cer, key, pem, p7b pem → crt, cer, der, p7b, pfx* crt → pem, cer, der, p7b, pfx* cer → pem, crt, der, p7b, pfx* der → pem, crt, cer p7b → pem, crt, cer * requires keyFile
Responses
- 200 — by default, body is the converted file (
application/octet-stream) withContent-Disposition: attachment. Withjson=true, returns the JSON envelope below. - 400 — missing or unsupported parameters. JSON body.
- 401 — invalid or missing API key. JSON body.
- 422 — OpenSSL refused the conversion (wrong password, malformed file…). JSON body.
- 500 — internal error. JSON body.
JSON envelope (with json=true)
{
"status": "success",
"elapsed": 0.412,
"from": "pfx",
"to": "crt",
"original": {
"filename": "cert_20260516180000_a1b2c3.pfx",
"size": 4321,
"download": "https://…/api/download?file=…&key=…"
},
"converted": {
"filename": "cert_20260516180000_a1b2c3_converted.crt",
"size": 2156,
"download": "https://…/api/download?file=…&key=…"
},
// present only when the uploaded PFX was a legacy file that we modernised:
"updated": {
"filename": "cert_20260516180000_a1b2c3_updated.pfx",
"size": 4480,
"download": "https://…/api/download?file=…&key=…"
}
}
The updated entry only appears when the uploaded PFX was a legacy file
(older OpenSSL / RC2-40) that we re-exported with current algorithms. Use it as a
drop-in modern replacement for the original.
Error envelope
{ "status": "error", "message": "…" }
Examples
cURL — PFX → CRT
curl -X POST https://ae8.com.br/sslconverter/api/ \ -H "X-API-Key: $KEY" \ -F certTypeFrom=pfx \ -F certTypeTo=crt \ -F certPassword=secret \ -F certFile=@cert.pfx \ -o cert.crt
cURL — JSON mode
curl -X POST https://ae8.com.br/sslconverter/api/ \ -H "X-API-Key: $KEY" \ -F certTypeFrom=pfx \ -F certTypeTo=crt \ -F certPassword=secret \ -F certFile=@cert.pfx \ -F json=true
cURL — PEM + KEY → PFX
curl -X POST "https://ae8.com.br/sslconverter/api/?key=$KEY" \ -F certTypeFrom=pem \ -F certTypeTo=pfx \ -F certPassword=newpass \ -F certFile=@cert.pem \ -F keyFile=@cert.key \ -o cert.pfx
PHP — PFX → CRT
$api = 'https://ae8.com.br/sslconverter/api/'; $post = [ 'certTypeFrom' => 'pfx', 'certTypeTo' => 'crt', 'certFile' => curl_file_create('certificate.pfx'), 'certPassword' => 'secret', ]; $ch = curl_init($api . '?key=' . SSL_CONVERTER_KEY); curl_setopt_array($ch, [ CURLOPT_POST => 1, CURLOPT_POSTFIELDS => $post, CURLOPT_RETURNTRANSFER => true, ]); $response = curl_exec($ch); curl_close($ch); file_put_contents('certificate.crt', $response);
Notes
- Legacy PFX files (generated by older OpenSSL releases, e.g. with
RC2-40ciphers) are accepted transparently — no extra parameter required. - Keep your API key private. Contact us to rotate it if you suspect it has been exposed.
- For sensitive material, prefer running OpenSSL locally.