onsdag, March 18th, 2009 | Forfatter:

[redigere] So much for that. It turns out that openssl is able to determine that the key and certificate are already in a single file. Derfor, Nei csplitting required (vel, I hope somebody reading this at least learned about how nice csplit is). In fact, the whole script might as well be obsoleteblaargh. Well, at least it gives a nice warning about not giving a blank passphrase. 😀

Here’s the new version:

pem2pfxconverts a .pem-formatted file containing a private key and signed certificate into a Windows-compatible .pfx certificate file.

#!/bin/bash
#pem2pfx
#v0.2
#Tricky - brendan@swiftspirit.co.za
# Converts a .pem certificate file to .pfx format
# $1 is the source file
set -e
 
if [ $# = 1 ]; deretter
  outputfile=`echo $1 | og 's/.pem$/.pfx/'`
 
  echo "Please specify a password below. Windows nekter å importere et .pfx-sertifikat med et tomt passord."
  openssl pkcs12 -eksport -ute $outputfile -i $1
 
 ellers
  echo "pem2pfx - konverterer en .pem-formatert privatnøkkel og sertifikatfil til en IIS-kompatibel .pfx-fil."
  echo "Usage: pem2pfx inputfile.pem"
være

Old Version:

I’ve had many occasions where an ssl certificate needs to be exported from one system and re-imported to another. Endelig, after scouring the Internet and finding that there isn’t any one-line way to convert a certificate from .pem format (as given by Plesk on Linux) to .pfx format (the way IIS likes it), I’ve made the following bash script:

pem2pfxconverts a .pem-formatted file containing a private key and signed certificate into an IIS-compatible .pfx certificate file.

#!/bin/bash
#pem2pfx
#v0.1
#Tricky - brendan@swiftspirit.co.za
# Converts a plesk-produced .pem certificate file to .pfx format
# $1 is the source file
set -e
 
FIXEDRAND=$RANDOM.$$
 
if [ $# = 1 ]; deretter
  outputfile=`echo $1 | og 's/.pem$/.pfx/'`
 
  csplit -f $FIXEDRAND.parts $1 /-----BEGIN/ {*} 2>&1 > /dev/null
set +e
  for Jeg i $FIXEDRAND.parts* ; do
   grep '-----BEGIN CERTIFICATE-----' $Jeg 2>&1 > /dev/null && cp $Jeg $FIXEDRAND.crt
   grep '-----BEGIN RSA PRIVATE KEY-----' $Jeg 2>&1 > /dev/null && cp $Jeg $FIXEDRAND.key
  done
set -e
 
  echo "Please specify a password below. IIS refuses to load a .pfx with a blank password."
  openssl pkcs12 -eksport -ute $outputfile -inkey $FIXEDRAND.key -i $FIXEDRAND.crt
  #Cleanup
  rm $FIXEDRAND.*
 
 ellers
  echo "pem2pfx - konverterer en .pem-formatert privatnøkkel og sertifikatfil til en IIS-kompatibel .pfx-fil."
  echo "Usage: pem2pfx inputfile.pem"
være
Dele
You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, eller trackback from your own site.

4 Responses

  1. 1
    Craig 

    Neeto! Pastebin it!

  2. 2
    Craig 

    Where all the older scripts, they literally just disappeared before my eyes?

  3. 3
    Tricky 

    Lol. They’ll be like Pokemon. A new page for them all. 😉

  4. 4
    Lukasz 

    This page save my time ! Takk

    I have one suggestionplease add to the script a text info, how to generate pem file from two independent files.

Leave a Reply » Logg Inn