Created
August 20, 2020 16:31
-
-
Save dkrusky/09ffcce371e41137257577bf402559bd to your computer and use it in GitHub Desktop.
Command line script to convert pfx with private key to pem format for Apache/nginx
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [ "$#" -lt 1 ]; then | |
| echo " | |
| Command Syntax: | |
| pfx2pem <cert> <optional:password> | |
| " | |
| exit | |
| fi | |
| if [ ! -f "$1.pfx" ]; then | |
| echo "Error: The input file $1 does not exist" | |
| fi | |
| if [ "$#" -eq 2 ]; then | |
| openssl pkcs12 -in "$1".pfx -out "$1".cer -nodes -passin pass:"$2" | |
| else | |
| openssl pkcs12 -in "$1".pfx -out "$1".cer -nodes | |
| fi | |
| openssl pkey -in "$1".cer -out "$1".key | |
| openssl x509 -in "$1".cer -out "$1".crt | |
| # verify the certs match | |
| md5cert=$(openssl x509 -noout -modulus -in "$1".crt | openssl md5 | awk '{print $2}') | |
| md5key=$(openssl rsa -noout -modulus -in "$1".key | openssl md5 | awk '{print $2}') | |
| if [ "$md5cert" = "$md5key" ]; then | |
| echo "Export successful" | |
| else | |
| echo "Cert and Key do not match." | |
| fi | |
| # show checksum/hashes of the exported private and public key. | |
| echo " | |
| Private: $md5key | |
| Public: $md5cert | |
| " |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment