Skip to content

Instantly share code, notes, and snippets.

@sleeyax
Forked from mediaupstream/make_certs.sh
Last active April 22, 2022 12:28
Show Gist options
  • Save sleeyax/87ad51997e72ca6d7eb692da7bf7f01f to your computer and use it in GitHub Desktop.
Save sleeyax/87ad51997e72ca6d7eb692da7bf7f01f to your computer and use it in GitHub Desktop.
extract ca-certs, key, and crt from a pfx file
#!/bin/bash
#
# Usage:
# ./make_certs.sh test.example.com
#
# The required input to make_certs.sh is the path to your pfx file without the .pfx prefix
#
filename=$1
# extract ca-certs
echo "> Extracting ca-certs..."
openssl pkcs12 -in ${filename}.pfx -nodes -nokeys -cacerts -out ${filename}-ca.crt
echo "done!"
echo " "
# extract key
echo "> Extracting key file..."
openssl pkcs12 -in ${filename}.pfx -nocerts -out ${filename}.key
echo "done!"
echo " "
# extract crt
echo "> Extracting crt..."
openssl pkcs12 -in ${filename}.pfx -clcerts -nokeys -out ${filename}.crt
echo "> Combining ca-certs with crt file..."
# combine ca-certs and cert files
cat ${filename}-ca.crt ${filename}.crt > ${filename}-full.crt
# remove passphrase from key file
echo "> Removing passphrase from keyfile"
openssl rsa -in ${filename}.key -out ${filename}.key
echo "done!"
echo " "
echo "Extraction complete! 🐼"
echo "created files:"
echo "${filename}.key"
echo "${filename}.crt"
echo "${filename}-ca.crt"
echo "${filename}-full.crt"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment