How to publish Webserver with PEM Certificate on UTM SG (firmware 9.510-5) ?

Question

Hi everybody, 
 I need to publish webserver with PEM Certiifcate, but i'm suprise after charged this certificate, i can't select it on item Web virtual, i see only certifcate create inside UTM. 
 Other thing to workaround 
 I can't do DNAT to workaround publish webserver to bypass Webserver protection ! Thank's for your help 
 
 Regards,

DouglasFoster · Answer

UTM does not accept certificates in PEM format, you need to convert them to PKCS#12. Your certificate issuer can probably issue the certificate in a different format, or you can covert it yourself. OPENSSL is used inside UTM, so you could run it from the Linux shell if you know which shell it uses and which scripting syntax applies. I do not, so I downloaded the OpenSSL kit for Windows. Note: OpenSSL only provides source code, since building your own executable is safest, but the community forum has links to pre-built executables for Windows and other platforms. 
 Below I provide a same Windows command script to use with a Windows version of OpenSSL. I use to to convert a PFX (PKCS#12) file to PEM so that it can be edited with a text editor. Then I manually remove the root certificate. Finally, I convert the PEM file back to PKCS#12. Since you only need to go from PEM to PKCS, you only need the last part. 
 %1 and %2 are command parameters used to build the filename according to my standards. 
 
 echo c:\openssl-win32\bin\openssl pkcs12 -in c:	emp\%1_%2.pfx -out c:	emp\%1_%2_pem.pem -nodes pause notepad c:	emp\%1_%2_pem.pem pause c:\openssl-win32\bin\openssl pkcs12 -export -in c:	emp\%1_%2_pem.pem -out %1_%2_2.pfx pause