Last active
July 25, 2017 13:29
-
-
Save vstoykov/48eff6d4a0b0d0128b1b9360500ebce5 to your computer and use it in GitHub Desktop.
Convert pfx files to key and pem files suitable for Nginx
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Usage: | |
| # ./pfx2pem.sh /path/to/domain.pfx | |
| # | |
| # Creates domain.pem and domain.key in the current directory | |
| # | |
| # Based on https://gist.github.com/ericharth/8334664#gistcomment-1942267 | |
| pfxpath="$1" | |
| if [ ! -f "$pfxpath" ]; | |
| then | |
| echo "Cannot find PFX using path '$pfxpath'" | |
| exit 1 | |
| fi | |
| crtname=`basename ${pfxpath%.*}` | |
| domaincacrtpath=`mktemp` | |
| domaincrtpath=`mktemp` | |
| fullcrtpath=`mktemp` | |
| keypath=`mktemp` | |
| read -s -p "PFX password: " pfxpass | |
| echo "Creating .CRT file" | |
| openssl pkcs12 -in $pfxpath -out $domaincacrtpath -nodes -nokeys -cacerts -passin "pass:${pfxpass}" | |
| openssl pkcs12 -in $pfxpath -out $domaincrtpath -nokeys -clcerts -passin "pass:${pfxpass}" | |
| cat $domaincrtpath $domaincacrtpath > $fullcrtpath | |
| rm $domaincrtpath $domaincacrtpath | |
| echo "Creating .KEY file" | |
| openssl pkcs12 -in $pfxpath -nocerts -passin "pass:${pfxpass}" -passout "pass:${pfxpass}" \ | |
| | openssl rsa -out $keypath -passin "pass:${pfxpass}" | |
| mv $fullcrtpath ./${crtname}.pem | |
| mv $keypath ./${crtname}.key | |
| ls -l ${crtname}.pem ${crtname}.key |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment