Created
August 3, 2018 07:35
-
-
Save refo/25fa2cd2047b0741ca16fa197e910a8b to your computer and use it in GitHub Desktop.
Create nginx cert files (pem, key) from pfx
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Source: | |
# https://gist.github.com/ericharth/8334664 | |
# | |
# Thanks: | |
# https://github.com/anderssonjohan | |
# | |
# Usage: | |
# ./createcertfilesfrompfx.sh /path/to/domain.pfx | |
# | |
# Creates domain.pem and domain.key in the current directory | |
# | |
pfxpath="$1" | |
if [ ! -f "$pfxpath" ]; | |
then | |
echo "Cannot find PFX using path '$pfxpath'" | |
exit 1 | |
fi | |
crtname=`basename ${pfxpath%.*}` | |
domaincacrtpath=`mktemp` | |
domaincrtpath=`mktemp` | |
fullcrtpath=`mktemp` | |
keypath=`mktemp` | |
passfilepath=`mktemp` | |
read -s -p "PFX password: " pfxpass | |
echo -n $pfxpass > $passfilepath | |
echo "Creating .CRT file" | |
openssl pkcs12 -in $pfxpath -out $domaincacrtpath -nodes -nokeys -cacerts -passin file:$passfilepath | |
openssl pkcs12 -in $pfxpath -out $domaincrtpath -nokeys -clcerts -passin file:$passfilepath | |
cat $domaincrtpath $domaincacrtpath > $fullcrtpath | |
rm $domaincrtpath $domaincacrtpath | |
echo "Creating .KEY file" | |
openssl pkcs12 -in $pfxpath -nocerts -passin file:$passfilepath -passout pass:Password123 \ | |
| openssl rsa -out $keypath -passin pass:Password123 | |
rm $passfilepath | |
mv $fullcrtpath ./${crtname}.pem | |
mv $keypath ./${crtname}.key | |
ls -l ${crtname}.pem ${crtname}.key |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment