Wednesday, March 18th, 2009 | Author:

[edit] So much for that. It turns out that openssl is able to determine that the key and certificate are already in a single file. Therefore, no csplitting required (خوب, I hope somebody reading this at least learned about how nice csplit is). In fact, the whole script might as well be obsoleteblaargh. Well, at least it gives a nice warning about not giving a blank passphrase. 😀

Here’s the new version:

pem2pfxconverts a .pem-formatted file containing a private key and signed certificate into a Windows-compatible .pfx certificate file.

#!/bin/bash
#pem2pfx
#v0.2
#مکار - bتحقیقenدan@swiftspمنrمنt.Co.za
# Converts a .pem certificate file to .pfx format
# $1 is the source file
set -e
 
if [ $# = 1 ]; سپس
  outputfile=`echo $1 | sed 's/.pem$/.pfx/'`
 
  echo "Please specify a password below. Windows refuses to import a .pfx certificate with a blank password."
  openssl pkcs12 -export -out $outputfile -in $1
 
 else
  echo "pem2pfx - converts a .pem formatted private-key and certificate file to an IIS-compatible .pfx file."
  echo "Usage: pem2pfx inputfile.pem"
fi

Old Version:

I’ve had many occasions where an ssl certificate needs to be exported from one system and re-imported to another. Finally, after scouring the Internet and finding that there isn’t any one-line way to convert a certificate from .pem format (as given by Plesk on Linux) to .pfx format (the way IIS likes it), I’ve made the following bash script:

pem2pfxconverts a .pem-formatted file containing a private key and signed certificate into an IIS-compatible .pfx certificate file.

#!/bin/bash
#pem2pfx
#v0.1
#مکار - brendan@swiftspirit.co.za
# Converts a plesk-produced .pem certificate file to .pfx format
# $1 is the source file
set -e
 
FIXEDRAND=$RANDOM.$$
 
if [ $# = 1 ]; سپس
  outputfile=`echo $1 | sed 's/.pem$/.pfx/'`
 
  csplit -f $FIXEDRAND.parts $1 /-----BEGIN/ {*} 2>&1 > /dev/null
set +e
  for من in $FIXEDRAND.parts* ; do
   grep '-----BEGIN CERTIFICATE-----' $من 2>&1 > /dev/null && cp $من $FIXEDRAND.crt
   grep '-----BEGIN RSA PRIVATE KEY-----' $من 2>&1 > /dev/null && cp $من $FIXEDRAND.key
  done
set -e
 
  echo "Please specify a password below. IIS refuses to load a .pfx with a blank password."
  openssl pkcs12 -export -out $outputfile -inkey $FIXEDRAND.key -in $FIXEDRAND.crt
  #Cleanup
  rm $FIXEDRAND.*
 
 else
  echo "pem2pfx - converts a .pem formatted private-key and certificate file to an IIS-compatible .pfx file."
  echo "Usage: pem2pfx inputfile.pem"
fi
اشتراک گذاری
شما می توانید هر پاسخی به این مطلب را از طریق دنبال RSS 2.0 خوراک. شما می توانید ترک یک پاسخ, یا دنبالک از سایت خودتان.

4 پاسخ

  1. 1
    Craig 

    Neeto! Pastebin it!

  2. 2
    Craig 

    Where all the older scripts, they literally just disappeared before my eyes?

  3. 3
    مکار 

    Lol. They’ll be like Pokemon. A new page for them all. 😉

  4. 4
    Lukasz 

    This page save my time ! تشکر

    I have one suggestionplease add to the script a text info, how to generate pem file from two independent files.

پاسخ دهید » ورود به سامانه