Arbaco, 18-ka Maarso, 2009 | Qoraa:

[wax ka beddel] Wax badan baa sidaas ah. Waxaa soo baxday in furanssl awood u leedahay in uu go'aamiyo in furaha iyo shahaadda ay horey ugu jiraan hal fayl. Sidaa darteed, maya kala qaybsanxoqid ayaa loo baahan yahay (iyo sidoo kale, Waxaan rajeynayaa in qof aqrinaya tan ugu yaraan uu wax ka bartay sida wanaagsan ee loo kala qaybsamo). Dhab ahaan, qoraalka oo dhan sidoo kale wuu duugoobi karaa… badargh. Waa hagaag, at least it gives a nice warning about not giving a blank passphrase. 😀

Here’s the new version:

pem2pfxconverts a .pem-formatted file containing a private key and signed certificate into a Windows-compatible .pfx certificate file.

#!/bin/bash
#pem2pfx
#v0.2
#Khiyaano badan - brendan@swiftspirit.co.za
# Converts a .pem certificate file to .pfx format
# $1 is the source file
set -e
 
if [ $# = 1 ]; then
  outputfile=`echo $1 | sed 's/.pem$/.pfx/'`
 
  echo "Please specify a password below. Windows refuses to import a .pfx certificate with a blank password."
  openssl pkcs12 -export -out $outputfile -in $1
 
 else
  echo "pem2pfx - converts a .pem formatted private-key and certificate file to an IIS-compatible .pfx file."
  echo "Usage: pem2pfx inputfile.pem"
fi

Old Version:

I’ve had many occasions where an ssl certificate needs to be exported from one system and re-imported to another. Finally, after scouring the Internet and finding that there isn’t any one-line way to convert a certificate from .pem format (as given by Plesk on Linux) to .pfx format (the way IIS likes it), I’ve made the following bash script:

pem2pfxconverts a .pem-formatted file containing a private key and signed certificate into an IIS-compatible .pfx certificate file.

#!/bin/bash
#pem2pfx
#v0.1
#Khiyaano badan - brendan@swiftspirit.co.za
# Converts a plesk-produced .pem certificate file to .pfx format
# $1 is the source file
set -e
 
FIXEDRAND=$RANDOM.$$
 
if [ $# = 1 ]; then
  outputfile=`echo $1 | sed 's/.pem$/.pfx/'`
 
  kala qaybsan -f $FIXEDRAND.parts $1 /-----BEGIN/ {*} 2>&1 > /dev/null
set +e
  for i in $FIXEDRAND.parts* ; do
   grep '-----BEGIN CERTIFICATE-----' $i 2>&1 > /dev/null && cp $i $FIXEDRAND.crt
   grep '-----BEGIN RSA PRIVATE KEY-----' $i 2>&1 > /dev/null && cp $i $FIXEDRAND.key
  done
set -e
 
  echo "Please specify a password below. IIS refuses to load a .pfx with a blank password."
  openssl pkcs12 -export -out $outputfile -inkey $FIXEDRAND.key -in $FIXEDRAND.crt
  #Cleanup
  rm $FIXEDRAND.*
 
 else
  echo "pem2pfx - converts a .pem formatted private-key and certificate file to an IIS-compatible .pfx file."
  echo "Usage: pem2pfx inputfile.pem"
fi
Share
You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, ama trackback from your own site.

4 Responses

  1. 1
    Craig 

    Neeto! Pastebin it!

  2. 2
    Craig 

    Where all the older scripts, they literally just disappeared before my eyes?

  3. Lol. They’ll be like Pokemon. A new page for them all. 😉

  4. 4
    Lukasz 

    This page save my time ! Thanks

    I have one suggestionplease add to the script a text info, how to generate pem file from two independent files.

Leave a Reply » Gal