Last active
October 29, 2015 18:36
-
-
Save mrhanlon/0f4f68b3dfd4ba641469 to your computer and use it in GitHub Desktop.
Converts a PEM formatted TLS certificate to a PKCS12 formatted keystore, ready for import into a standard JKS formatted keystore.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
### | |
# tomcat-pem-to-jks.sh | |
# Converts a PEM formatted TLS certificate to a PKCS12 formatted keystore, | |
# ready for import into a standard JKS formatted keystore. | |
# | |
# Usage: | |
# tomcat-pem-to-jks.sh -k /path/to/server.key -c /path/to/cert.crt -i /path/to/intermediate.crt | |
### | |
while [[ $# > 1 ]] | |
do | |
key="$1" | |
case $key in | |
-k|--key) | |
KEYPATH="$2" | |
shift # past argument | |
;; | |
-c|--cert) | |
CERTPATH="$2" | |
shift # past argument | |
;; | |
-i|--intermediate) | |
INTERPATH="$2" | |
shift # past argument | |
;; | |
*) | |
# unknown option | |
;; | |
esac | |
shift # past argument or value | |
done | |
openssl pkcs12 -export \ | |
-in ${CERTPATH} -inkey ${KEYPATH} \ | |
-out tomcat-cert.p12 -name tomcat -CAfile ${INTERPATH} \ | |
-chain | |
echo "Now you can import this certificate to your chosen keystore:" | |
echo "keytool -importkeystore \\" | |
echo " -deststorepass [changeit] -destkeypass [changeit] -destkeystore server.keystore \\" | |
echo " -srckeystore tomcat-cert.p12 -srcstoretype PKCS12 -srcstorepass some-password \\" | |
echo " -alias [some-alias]" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment