Created
January 11, 2019 16:19
-
-
Save sshimko/e4e70ec5b6a0b5285189342ee2c245e8 to your computer and use it in GitHub Desktop.
Extracting keys + certs from nssdb
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| pk12util -d . -r -n Server-Cert -o foo.p12 | |
| openssl pkcs12 -in foo.p12 -out foo-crt.pem -clcerts -nokeys | |
| openssl pkcs12 -in foo.p12 -out foo-key.pem -nocerts -nodes |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
It was surprisingly hard to figure out how to do this - even with Google's help. I use it to extract keys from the nssdb IPA clients use but services like rsyslog don't support.
Drawback - I need to figure out how to automate this when certs are re-issued.