Last active
November 17, 2022 19:05
-
-
Save pschichtel/1a5e9d8c3af489ad4121d208a1cb241f to your computer and use it in GitHub Desktop.
pfSense generates legacy p12 files which are not compatible with latest OpenSSL 3. This script unpacks the p12 file into separate PEM files, which work nicely with GNOME's network management stuff. See: https://github.com/openssl/openssl/commit/15c9aa3aef77c642ef2b6c84bba2b57b35ed083e
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| input="${1?no input}" | |
| key_output="${2?no key output}" | |
| crt_output="${3?no crt output}" | |
| ca_output="${4?no ca output}" | |
| openssl pkcs12 -legacy -in "$input" -out "${key_output}" -nocerts -nodes | |
| openssl pkcs12 -legacy -in "$input" -out "${crt_output}" -clcerts -nokeys | |
| openssl pkcs12 -legacy -in "$input" -out "${ca_output}" -cacerts -nokeys |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment