Certificates in syncthing

OK - I am running on MS Windows (win10, Server 2016) and have a certificate in the store. I also have a .cer (.pem) that looks like the cert.pem in the config folder there is a second .pem (key.pem) that says it is a private key. I am not a “security” guy and am lost in how to get these files. (I think the cert.pem is probably the one I have) how do I get the private key (key.pem) and is cert.pem derived from the private? I want to “preinstall” the certificates before starting the first time (which I know can be done). I have access to OpenSSL if it is needed. What steps (commands) or techniques are needed to get both files into syncthing formats correctly.

Certificate is the actual certificate. Key is the key that signed the certificate.

If you have the key, in theory you should be able to generate a matching certificate, and prove that you have the key for it.

As for how do you get it, I don’t know, .cer is just the public part, so ask whoever gave you the public part to give you the private part.

The formats we use is just plain X509 in PEM encoding, there are plenty of how to’s on the internet how to convert Windows formats (der, pkcs or whatever else it outputs) to x509 PEM using OpenSSL.

Thanks, this makes sense now.