Created
July 13, 2018 11:37
-
-
Save chrizk/929f210798d9cf31470346e7fed16cd0 to your computer and use it in GitHub Desktop.
Extract certificate and private key from pfx
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
if [ -z "$1" ] | |
then | |
echo "Extract certificate and private key from pfx file for configuring TLS endpoints" | |
echo "Please provide pfx file as first argument" | |
exit 1 | |
fi | |
DOMAIN=${1%.*} | |
# extract private key | |
openssl pkcs12 -in $DOMAIN.pfx -nocerts -out $DOMAIN.key_pw | |
chmod 600 $DOMAIN.key_pw | |
# extract certificate | |
openssl pkcs12 -in $DOMAIN.pfx -clcerts -nokeys -out $DOMAIN.crt | |
chmod 600 $DOMAIN.crt | |
# currently traefik is not able to handle encrypted private keys | |
# so we remove the password here | |
# see https://github.com/containous/traefik/issues/1262 | |
openssl rsa -in $DOMAIN.key_pw -out $DOMAIN.key | |
chmod 600 $DOMAIN.key |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment