bitdivine/Make a certificate chain file

## Make a certificate chain file
# start with your certificate:
cert=my.crt
# we will copy the individual certificates to 001.crt, 002.crt and so on:
counter=0

# Now, for each certificate:
link="$(printf "%03d.crt" $((++counter)))" # 001.cert, 002.crt, ...
# Check that the certificate is in the human readable PEM format.
# If not it needs to be converted.  Then copy into 001/2/3.crt
if openssl x509 -in "$cert" -text -noout &>/dev/null
then cp  "$cert" "$link"
else openssl x509 -in "$cert" -inform DER -out "$link" -outform PEM
fi
# Make sure the certificate ends in a new line:
echo >> "$link"
# Get the next certificate up the chain:
cert="$(openssl x509 -in $link -text -noout | sed -nr '/Authority Information Access:/,/^\s*$/p' | sed -nr '/CA Issuers/{s/.*URI://g;p}')"
# Rinse and repeat until you have no more.

# Concatenate the 001.crt 002.crt etc in that order:
cat [0-9][0-9][0-9].crt > my.ca-bundle
	# start with your certificate:
	cert=my.crt
	# we will copy the individual certificates to 001.crt, 002.crt and so on:
	counter=0

	# Now, for each certificate:
	link="$(printf "%03d.crt" $((++counter)))" # 001.cert, 002.crt, ...
	# Check that the certificate is in the human readable PEM format.
	# If not it needs to be converted. Then copy into 001/2/3.crt
	if openssl x509 -in "$cert" -text -noout &>/dev/null
	then cp "$cert" "$link"
	else openssl x509 -in "$cert" -inform DER -out "$link" -outform PEM
	fi
	# Make sure the certificate ends in a new line:
	echo >> "$link"
	# Get the next certificate up the chain:
	cert="$(openssl x509 -in $link -text -noout \| sed -nr '/Authority Information Access:/,/^\s$/p' \| sed -nr '/CA Issuers/{s/.URI://g;p}')"
	# Rinse and repeat until you have no more.

	# Concatenate the 001.crt 002.crt etc in that order:
	cat [0-9][0-9][0-9].crt > my.ca-bundle