presbrey/re-self-sign.sh

## re-self-sign.sh
#!/bin/bash
# re-self-sign id.pem|id.p12 [days]
# extends the life of an expired certificate identity

b=$(basename $1 .p12)
b=$(basename $b .pem)
days=$2

# unwrap p12 to pem
if [ -f $b.p12 ]; then
    (openssl pkcs12 -in $b.p12 -nodes > $b.pem)
fi

# resign pem for $days
if [ -f $b.pem ]; then
    if [ -n "$days" ]; then
        days="-days $days"
    fi
    (openssl x509 -in $b.pem -signkey $b.pem $days | openssl x509 -text) > $b-new.cer
fi

# copy old private key to new pem
if [ -f $b-new.cer ]; then
    (cat $b-new.cer; openssl rsa -in $b.pem) > $b-new.pem
fi

# export new p12
if [ -f $b-new.pem ]; then
    (openssl pkcs12 -in $b-new.pem -export) > $b-new.p12
fi
	#!/bin/bash
	# re-self-sign id.pem\|id.p12 [days]
	# extends the life of an expired certificate identity

	b=$(basename $1 .p12)
	b=$(basename $b .pem)
	days=$2

	# unwrap p12 to pem
	if [ -f $b.p12 ]; then
	(openssl pkcs12 -in $b.p12 -nodes > $b.pem)
	fi

	# resign pem for $days
	if [ -f $b.pem ]; then
	if [ -n "$days" ]; then
	days="-days $days"
	fi
	(openssl x509 -in $b.pem -signkey $b.pem $days \| openssl x509 -text) > $b-new.cer
	fi

	# copy old private key to new pem
	if [ -f $b-new.cer ]; then
	(cat $b-new.cer; openssl rsa -in $b.pem) > $b-new.pem
	fi

	# export new p12
	if [ -f $b-new.pem ]; then
	(openssl pkcs12 -in $b-new.pem -export) > $b-new.p12
	fi