Skip to main content
Older versions of Internet Explorer will not support certain site features. Chrome, Safari, Firefox, and Edge will provide the best experience.

Converting the PFX Certificate to PEM Certificates for the Spok Notification Framework

This procedure must be completed following the installation of Spok Mobile at customer sites where the Spok Notification Framework will be used to support non-GCM Android devices. This procedure is completed by a Spok PSG professional to convert PFX format certificates to the three PEM format certificates needed to make the framework secure via TLS.

Complete this procedure to convert the PFX certificate to three PEM certificates that must be in place to be used by the Spok Notification Framework.

Before you begin, ensure that the certificate has been exported to PFX format and that the you have the required password. The customer typically creates the PFX and will therefore need to supply the password that they created when they created the file.

The certificate that was exported to PFX from the Windows certificate stores must be converted into three PEM certificates. To do this, perform the following steps.

  1. On the Spok Mobile server, open the Run program by pressing Windows key + R. Enter CMD in the Open field. Press Enter.
  2. In the command prompt window, navigate to to the directory by executing:
    cd C:/ProgramData/Spok/RabbitMQ/SSL
  3. Execute ConvertCertificate.bat password. This will separate the PFX certificate into three PEM certificates: root.pem, server.pem and key.pem.
    • In the command prompt window, enter the password that was set when the certificate was exported to PFX. Press Enter.
    • Take note of any “Invalid Password” messages you see at this time. You must rerun the ConvertCertificate.bat script if any invalid password messages appear.
  4. Once the conversion has completed successfully, confirm that the three certificate files root.pem, server.pem and key.pem were created in the %AppData%\RabbitMQ\Certsdirectory.
    • Each PEM file must be at least 1KB or larger in size; this means the conversion was successful. If either file is 0KB, then the file is empty ("zeroed") and you must run the script again.
WARNING: Do not change the names of the converted PEM files. They must be named root.pem, server.pem and key.pem.
  1. In the command prompt, navigate to the directory cd C:/Program Files/RabbitMQ Server/rabbitmq_server-version/sbin and execute the following commands to re-install the RabbitMQ service:

    rabbitmq-service remove
    rabbitmq-service install
    rabbitmq-service start
    rabbitmqctl start_app"

  2. The certificates on the Care Connect Suite server are now in place, and the RabbitMQ service needed for the Spok Notification Framework now uses it.