Skip to content

Instantly share code, notes, and snippets.

@yyuu

yyuu/pem2jks.sh

Last active May 9, 2017 12:58
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save yyuu/fc51da1dc40295c02128 to your computer and use it in GitHub Desktop.
Save yyuu/fc51da1dc40295c02128 to your computer and use it in GitHub Desktop.
Download ZIP
pem2jks.sh
Raw
pem2jks.sh
#!/usr/bin/env bash
#
# pem2jks.sh - convert bundled PEM certificate to JKS format
#
# Special thanks to Justin Ludwig about his article on converting PEM to JKS.
# http://blog.swwomm.com/2015/02/importing-new-rds-ca-certificate-into.html
#
set -e
tmp="$(mktemp -d "/tmp/$(basename "$0" ".sh").XXXXX")"
on_exit() {
rm -fr "${tmp}"
}
trap on_exit HUP TERM EXIT
get_alias() {
openssl x509 -noout -text -in "$1" | perl -ne 'next unless /Subject:/; s/.*CN=//; print'
}
abspath() {
( cd "$(dirname "$1")" && echo "${PWD}/$(basename "$1")" )
}
_pem2jks() {
local pem="$(abspath "$1")"
local jks="$(abspath "$2")"
local dir="$(mktemp -d "${tmp}/pem.XXXXX")"
pushd "${dir}" 1>/dev/null
rm -f "${jks}"
csplit -f cert. -s -z "${pem}" '/-BEGIN CERTIFICATE-/' '{*}'
for cert in "cert."*; do
name="$(get_alias "${cert}")"
echo "${name}" 1>&2
keytool -import -keystore "${jks}" -storepass "${storepass}" -noprompt -alias "$(get_alias "${cert}")" -file "${cert}" 1>/dev/null 2>&1
done
popd 1>/dev/null
}
read -p "Password: " -s
storepass="${REPLY}"
echo
for pem; do
jks="$(basename "${pem}" ".pem").jks"
_pem2jks "${pem}" "${jks}"
done
Copy link

ghost commented May 9, 2017

You have literally changed my life with this script. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment