natelowry · October 11, 2016 20:57
diff --git a/certify.ps1 b/certify.ps1
 # This script does most of the certificate gynmastics needed to get an SSL certificate on a classic AWS EC2 ELB (Amazon load balancer)
 # See http://dontpaniclabs.com/blog/post/2015/09/08/getting-ssl-certificates-on-aws-elastic-load-balancers-in-windows/
 #
 # NOTE: This script assumes you have openssl installed (https://slproweb.com/products/Win32OpenSSL.html).
 # It also assumes that your certificate file is called 'cert.pfx' and that the export password on your certificate is 'password'.
 #

 Write-Host "Starting certificate gymnastics"

 Write-Host "Starting extracting server key"
 C:\OpenSSL-Win32\bin\openssl.exe pkcs12 -in cert.pfx -nocerts -out key.pem -passin pass:password -passout pass:password
 Write-Host "Finished extracting server key"
 Start-Sleep -Milliseconds 100
 Write-Host "Starting decrypting server key"
 C:\OpenSSL-Win32\bin\openssl.exe rsa -in key.pem -out server.key -passin pass:password 
 Write-Host "Finished decrypting server key"
 Start-Sleep -Milliseconds 100
 Write-Host "Starting extracting public certificate"
 C:\OpenSSL-Win32\bin\openssl.exe pkcs12 -in cert.pfx -clcerts -nokeys -out cert.pem -passin pass:password 
 Write-Host "Finished extracting public certificate"
 Start-Sleep -Milliseconds 100
 Write-Host "Starting extracting cert chain"
 C:\OpenSSL-Win32\bin\openssl.exe pkcs12 -in cert.pfx -nokeys -out chain.pem -passin pass:password
 Write-Host "Finished extracting cert chain"

 # You'll still need to reverse the certificate chain if you need that

 Write-Host "Finished certificate gymnastics"
	# This script does most of the certificate gynmastics needed to get an SSL certificate on a classic AWS EC2 ELB (Amazon load balancer)
	# See http://dontpaniclabs.com/blog/post/2015/09/08/getting-ssl-certificates-on-aws-elastic-load-balancers-in-windows/
	#
	# NOTE: This script assumes you have openssl installed (https://slproweb.com/products/Win32OpenSSL.html).
	# It also assumes that your certificate file is called 'cert.pfx' and that the export password on your certificate is 'password'.
	#

	Write-Host "Starting certificate gymnastics"

	Write-Host "Starting extracting server key"
	C:\OpenSSL-Win32\bin\openssl.exe pkcs12 -in cert.pfx -nocerts -out key.pem -passin pass:password -passout pass:password
	Write-Host "Finished extracting server key"
	Start-Sleep -Milliseconds 100
	Write-Host "Starting decrypting server key"
	C:\OpenSSL-Win32\bin\openssl.exe rsa -in key.pem -out server.key -passin pass:password
	Write-Host "Finished decrypting server key"
	Start-Sleep -Milliseconds 100
	Write-Host "Starting extracting public certificate"
	C:\OpenSSL-Win32\bin\openssl.exe pkcs12 -in cert.pfx -clcerts -nokeys -out cert.pem -passin pass:password
	Write-Host "Finished extracting public certificate"
	Start-Sleep -Milliseconds 100
	Write-Host "Starting extracting cert chain"
	C:\OpenSSL-Win32\bin\openssl.exe pkcs12 -in cert.pfx -nokeys -out chain.pem -passin pass:password
	Write-Host "Finished extracting cert chain"

	# You'll still need to reverse the certificate chain if you need that

	Write-Host "Finished certificate gymnastics"