natelowry/certify.ps1

## certify.ps1
# This script does most of the certificate gynmastics needed to get an SSL certificate on a classic AWS EC2 ELB (Amazon load balancer)
# See http://dontpaniclabs.com/blog/post/2015/09/08/getting-ssl-certificates-on-aws-elastic-load-balancers-in-windows/
#
# NOTE: This script assumes you have openssl installed (https://slproweb.com/products/Win32OpenSSL.html).
# It also assumes that your certificate file is called 'cert.pfx' and that the export password on your certificate is 'password'.
#

Write-Host "Starting certificate gymnastics"

Write-Host "Starting extracting server key"
C:\OpenSSL-Win32\bin\openssl.exe pkcs12 -in cert.pfx -nocerts -out key.pem -passin pass:password -passout pass:password
Write-Host "Finished extracting server key"
Start-Sleep -Milliseconds 100
Write-Host "Starting decrypting server key"
C:\OpenSSL-Win32\bin\openssl.exe rsa -in key.pem -out server.key -passin pass:password
Write-Host "Finished decrypting server key"
Start-Sleep -Milliseconds 100
Write-Host "Starting extracting public certificate"
C:\OpenSSL-Win32\bin\openssl.exe pkcs12 -in cert.pfx -clcerts -nokeys -out cert.pem -passin pass:password
Write-Host "Finished extracting public certificate"
Start-Sleep -Milliseconds 100
Write-Host "Starting extracting cert chain"
C:\OpenSSL-Win32\bin\openssl.exe pkcs12 -in cert.pfx -nokeys -out chain.pem -passin pass:password
Write-Host "Finished extracting cert chain"

# You'll still need to reverse the certificate chain if you need that

Write-Host "Finished certificate gymnastics"
	# This script does most of the certificate gynmastics needed to get an SSL certificate on a classic AWS EC2 ELB (Amazon load balancer)
	# See http://dontpaniclabs.com/blog/post/2015/09/08/getting-ssl-certificates-on-aws-elastic-load-balancers-in-windows/
	#
	# NOTE: This script assumes you have openssl installed (https://slproweb.com/products/Win32OpenSSL.html).
	# It also assumes that your certificate file is called 'cert.pfx' and that the export password on your certificate is 'password'.
	#

	Write-Host "Starting certificate gymnastics"

	Write-Host "Starting extracting server key"
	C:\OpenSSL-Win32\bin\openssl.exe pkcs12 -in cert.pfx -nocerts -out key.pem -passin pass:password -passout pass:password
	Write-Host "Finished extracting server key"
	Start-Sleep -Milliseconds 100
	Write-Host "Starting decrypting server key"
	C:\OpenSSL-Win32\bin\openssl.exe rsa -in key.pem -out server.key -passin pass:password
	Write-Host "Finished decrypting server key"
	Start-Sleep -Milliseconds 100
	Write-Host "Starting extracting public certificate"
	C:\OpenSSL-Win32\bin\openssl.exe pkcs12 -in cert.pfx -clcerts -nokeys -out cert.pem -passin pass:password
	Write-Host "Finished extracting public certificate"
	Start-Sleep -Milliseconds 100
	Write-Host "Starting extracting cert chain"
	C:\OpenSSL-Win32\bin\openssl.exe pkcs12 -in cert.pfx -nokeys -out chain.pem -passin pass:password
	Write-Host "Finished extracting cert chain"

	# You'll still need to reverse the certificate chain if you need that

	Write-Host "Finished certificate gymnastics"