What is a .crt file?

Drop any file to identify it

No upload. No signup. No sending your file halfway across the internet.
We tell you what it is, right here in your browser.

What is it

A .crt file contains an X.509 digital certificate — the cryptographic document that proves a server's identity for HTTPS connections. When your browser shows a padlock icon, it verified the server's .crt certificate against a chain of trusted certificate authorities.

The extension is a convention, not a format specification. A .crt file is usually PEM-encoded (Base64 text, readable in a text editor) but can sometimes be DER-encoded (binary). Check the file: if you can read it and see BEGIN CERTIFICATE, it's PEM. If it's binary gibberish, it's DER.

You'll encounter .crt files when setting up SSL/TLS on web servers (Apache, Nginx), configuring email encryption, or managing certificate infrastructure. Certificate authorities deliver certificates as .crt files. To inspect a certificate: `openssl x509 -in server.crt -text -noout` shows the issuer, validity period, and subject details.

Technical details

Full Name

Certificate File

MIME Type

application/x-x509-ca-cert

Developer

ITU-T / IETF (X.509 standard)

Magic Bytes

N/A

Safety

What opens it

openssl (CLI)

FREE Windows / Mac / Linux

Keychain Access

FREE Mac

KeyStore Explorer

FREE Windows / Mac / Linux

FAQ

What's the difference between .crt and .pem?

Mostly convention. Both typically contain PEM-encoded certificates. .crt specifically implies a certificate, while .pem could contain a certificate, key, or both. The file content is often identical.

How do I check when a certificate expires?

`openssl x509 -in cert.crt -noout -enddate` shows the expiration date. On Mac, double-click the .crt to view it in Keychain Access. On Windows, double-click to open the Certificate dialog.

Related formats

Drop any file to identify it

Drop it!

Couldn't identify this file