Höglandets IT - GitLab

Skip to content
Snippets Groups Projects

Convert Certificates

  • Clone with SSH
  • Clone with HTTPS
  • Embed
  • Share
    The snippet can be accessed without any authentication.
    Authored by Lars Scheibling

    Convert certificates from PFX to PEM (Linux)

    Usage:

    $ chmod +x convertcert.sh
$ ./convertcert.sh MyPFXCertificate.pfx
$ ls -al
-rwxrwxrwx 1 root root    0 Mar 21 11:47 MyPFXCertificate.key.pem
-rwxrwxrwx 1 root root    0 Mar 21 11:47 MyPFXCertificate.key.nopass.pem
-rwxrwxrwx 1 root root    0 Mar 21 11:47 MyPFXCertificate.cert.chained.pem
-rwxrwxrwx 1 root root    0 Mar 21 11:47 MyPFXCertificate.cert.pem
-rwxrwxrwx 1 root root    0 Mar 21 11:47 MyPFXCertificate.combined.pem
    Edited
    convertcert.sh 586 B
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18 
    #!/bin/bash
pfx=$1
out=${pfx%.pfx}

# Create a private keyfile (with password)
openssl pkcs12 -in "$pfx" -out "$out.key.pem"

# Create the private keyfile (without password)
openssl pkcs12 -in "$pfx" -out "$out.key.nopass.pem" -nocerts -clcerts -nodes

# Create the public key with the chain
openssl pkcs12 -in "$pfx" -out "$out.cert.chained.pem"  -nokeys

# Create the public key without the chain
openssl pkcs12 -in "$pfx" -out "$out.cert.nochain.pem" -clcerts -nokeys

# Create a combined cert/key (for haproxy)
cat "$out.cert.chained.pem" "$out.key.nopass.pem" > "$out.combined.pem"
    0% or .
    You are about to add 0 people to the discussion. Proceed with caution.
    Finish editing this message first!
    Please register or to comment