Skip to main content

Celonis Product Documentation

Certificates and keys

There are two ways of inserting a key or certificate.

  1. Direct inserting

  2. Extracting from the file (P12, PFX or PEM)

  1. You need the file that contains RSA PRIVATE KEY.

  2. Copy your key from the file. It should begin and end like this:



    -----END RSA PRIVATE KEY-----

  3. Paste the key directly in the following field:



    OPENSSH PRIVATE KEY is not supported. This has to be converted using the following command in Terminal: ssh-keygen -p -m PEM -f <pathToTheKey>. For Windows, you can use the PuTTy key generator.

To make everything easier, you can extract a Private Key or Certificate using our key extraction function. This function also allows you to extract the key from encrypted files.

The supported file formats are P12PFX, and PEM.

There are two types of fields in the certificate extraction dialog:

  • Private key

  • Certificate


These two options specify which value will be extracted from the provided file.

Example of use - key extraction

For example, when you create a Linux Based EC2 instance on AWS, you receive the login credentials in the PEM file:


The file contains the private key that is used to connect to the instance.

  1. Go to the module's Create a connection dialog and click the Extract button in Advanced Settings.

  2. In the Extract dialog, select the Private Key option to extract the private key from the provided file.

  3. Click the Choose Files button, browse and Open the desired file.

  4. Enter the password to the respective field, if needed.

  5. Click the Save button.

The private key has been exported from your file and will be used to connect to the desired service.