From dedfe0c0e2994612acf4a805504128b20b0f7a12 Mon Sep 17 00:00:00 2001 From: Anders Kaseorg Date: Thu, 24 Sep 2009 10:57:00 -0400 Subject: [PATCH 1/1] pkcs2pem: Output a single file with the private key and certificate. MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit (Actually, it already did, but it also gave you a separate certificate file.) It’s more convenient to deal with a single file. Many programs accept it as the cert file without needing to specify a separate key file. For other programs, you can just pass the same file as both the cert file and the key file. Signed-off-by: Anders Kaseorg --- certs/pkcs2pem | 34 ++++++++++++---------------------- 1 file changed, 12 insertions(+), 22 deletions(-) diff --git a/certs/pkcs2pem b/certs/pkcs2pem index deda4ee..6ac3b2e 100755 --- a/certs/pkcs2pem +++ b/certs/pkcs2pem @@ -4,11 +4,11 @@ set -e usage() { cat < +Usage: $0 Transforms a .p12 file, for instance as exported by Firefox's -cerfiticate "backup" feature, into a pair of a PEM certificate file -and private key. +cerfiticate "backup" feature, into a PEM file that contains your +private key and certificate. To export your certificate from Firefox, go to Edit|Preferences, Advanced|Security|View Certificates, and ``Backup'' your certificate @@ -22,33 +22,23 @@ EOF [ "$#" -eq 2 ] || usage pkcs="$1" -outdir="$2" +pem="$2" -echo -n "Password for $pkcs: " -stty -echo -read pass -stty echo -echo - -echo "$pass" | openssl pkcs12 -in "$pkcs" -nodes -out "$outdir"/cert.pem -passin stdin -echo "$pass" | openssl pkcs12 -in "$pkcs" -nodes -nocerts -out "$outdir"/privkey.pem -passin stdin +openssl pkcs12 -in "$pkcs" -nodes -out "$pem" cat >&2 <