Merge pull request #55 from petrsnd/pemutils
PEM file utilities and test CA script updates
Showing
5 changed files
with
176 additions
and
46 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
#!/bin/bash | ||
|
||
if [[ "$1" == "-h" ]]; then | ||
cat <<EOF | ||
USAGE: add-pem-password.sh [pemFilePath] | ||
pemFilePath Provide the path to a PEM-formatted private key file | ||
Running this will read the current PEM file password then rewrite the file | ||
with AES-256 password encryption. | ||
EOF | ||
exit 0 | ||
fi | ||
|
||
set -e | ||
|
||
cleanup() | ||
{ | ||
set +e | ||
} | ||
|
||
trap cleanup EXIT | ||
|
||
if [ -z "$1" ]; then | ||
read -p "Enter PEM private key file path:" PemFile | ||
else | ||
PemFile=$1 | ||
fi | ||
if [ ! -f "$PemFile" ]; then | ||
>&2 echo "$PemFile does not exist" | ||
exit 1 | ||
fi | ||
|
||
openssl rsa -aes256 -in "$PemFile" -out "$PemFile" |
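Review bot: `openssl rsa -aes256 -in "$PemFile" -out "$PemFile"` reads and writes the same path, so the only copy of the key is at risk if the run does not finish. Depending on the OpenSSL version, the output file may already be opened and truncated when the new passphrase is prompted for, and a mismatched confirmation or an interrupt would then leave an empty file. The same in-place pattern is in remove-pem-password.sh (`openssl rsa -in "$PemFile" -out "$PemFile"`). Write to a `mktemp` file in the same directory and `mv` it over the original only after openssl succeeds. The existing `cleanup` trap, which only runs `set +e`, can remove the temporary file instead.

```shell
# … unchanged: -h handling, set -e, path prompt and existence check …
TmpFile=$(mktemp "${PemFile}.XXXXXX")   # same directory, so the final mv is a rename
cleanup()
{
    rm -f -- "$TmpFile"
}
trap cleanup EXIT

openssl rsa -aes256 -in "$PemFile" -out "$TmpFile"
mv -- "$TmpFile" "$PemFile"
```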
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,46 @@ | ||
#!/bin/bash | ||
|
||
if [[ "$1" == "-h" ]]; then | ||
cat <<EOF | ||
USAGE: convert-pfx-to-pem.sh [pfxFilePath] | ||
pfxFilePath Provide the path to a PFX or PKCS#12 file | ||
Running this prompt for the current PFX password if needed then write a PEM-formatted | ||
certificate file and a PEM-formatted private key file (no password). | ||
EOF | ||
exit 0 | ||
fi | ||
|
||
set -e | ||
|
||
cleanup() | ||
{ | ||
set +e | ||
} | ||
|
||
trap cleanup EXIT | ||
|
||
if [ -z "$1" ]; then | ||
read -p "Enter PFX or PKCS#12 file path:" PfxFile | ||
else | ||
PfxFile=$1 | ||
fi | ||
if [ ! -f "$PfxFile" ]; then | ||
>&2 echo "$PfxFile does not exist" | ||
exit 1 | ||
fi | ||
|
||
if [[ "$PfxFile" == *.p12 || "$PfxFile" == *.pfx ]]; then | ||
PemBase=${PfxFile::-4} | ||
else | ||
PemBase=$PfxFile | ||
fi | ||
|
||
>&2 echo "Extracting the private key to ${PemBase}.key.pem..." | ||
openssl pkcs12 -in "$PfxFile" -nocerts -out "${PemBase}.key.pem" -nodes | ||
|
||
>&2 echo "Extracting the certificate to ${PemBase}.cert.pem..." | ||
openssl pkcs12 -in "$PfxFile" -clcerts -nokeys -out "${PemBase}.cert.pem" |
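Review bot: The `-nodes` extraction writes an unencrypted private key to `${PemBase}.key.pem`, and nothing in the script sets that file's permissions, so whether it ends up owner-only depends on the OpenSSL version and the caller's umask. Adding `umask 077` right after `set -e` would make both output files owner-only regardless. The plaintext key is also left on disk if the second `openssl pkcs12` call fails, and an existing `${PemBase}.key.pem` is overwritten without warning; the usage text could say so. Separately, `${PfxFile::-4}` needs bash 4.2 or later, while `${PfxFile%.*}` gives the same result in this branch on older bash.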
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
#!/bin/bash | ||
|
||
if [[ "$1" == "-h" ]]; then | ||
cat <<EOF | ||
USAGE: remove-pem-password.sh [pemFilePath] | ||
pemFilePath Provide the path to a PEM-formatted private key file | ||
Running this prompt for the current PEM file password then rewrite the file | ||
without password encryption. | ||
EOF | ||
exit 0 | ||
fi | ||
|
||
set -e | ||
|
||
cleanup() | ||
{ | ||
set +e | ||
} | ||
|
||
trap cleanup EXIT | ||
|
||
if [ -z "$1" ]; then | ||
read -p "Enter PEM private key file path:" PemFile | ||
else | ||
PemFile=$1 | ||
fi | ||
if [ ! -f "$PemFile" ]; then | ||
>&2 echo "$PemFile does not exist" | ||
exit 1 | ||
fi | ||
|
||
openssl rsa -in "$PemFile" -out "$PemFile" |
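Review bot: After this runs, the key is stored in plaintext at the same path and most likely with the mode the encrypted file had, because `-out "$PemFile"` reuses the existing file. A key that was group- or world-readable while encrypted would stay that way once decrypted. Adding `chmod 600 "$PemFile"` just before the `openssl rsa` line would close that. The usage text also promises any PEM-formatted private key, but `openssl rsa` handles RSA keys only, so either state that in the help or use `openssl pkey`.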