Add new file remove_pass_from_pkcs12_cert.sh
This commit is contained in:
parent
63f4f0e428
commit
21b8e5e75c
1 changed files with 43 additions and 0 deletions
43
ssl/remove_pass_from_pkcs12_cert.sh
Normal file
43
ssl/remove_pass_from_pkcs12_cert.sh
Normal file
|
@ -0,0 +1,43 @@
|
|||
#!/bin/bash
|
||||
|
||||
# the source: http://serverfault.com/questions/515833/how-to-remove-private-key-password-from-pkcs12-container
|
||||
|
||||
if [ $# -ne 2 ]
|
||||
then
|
||||
echo "Usage: `basename $0` YourPKCSFile YourPKCSPassword"
|
||||
exit $E_BADARGS
|
||||
fi
|
||||
|
||||
|
||||
|
||||
YourPKCSFile=$1
|
||||
PASSWORD=$2
|
||||
TemporaryPassword=123
|
||||
|
||||
|
||||
|
||||
#First, extract the certificate:
|
||||
openssl pkcs12 -clcerts -nokeys -in $YourPKCSFile -out certificate.crt -password pass:$PASSWORD -passin pass:$PASSWORD
|
||||
|
||||
#Second, the CA key:
|
||||
openssl pkcs12 -cacerts -nokeys -in $YourPKCSFile -out ca-cert.ca -password pass:$PASSWORD -passin pass:$PASSWORD
|
||||
|
||||
#Now, the private key:
|
||||
openssl pkcs12 -nocerts -in $YourPKCSFile -out private.key -password pass:$PASSWORD -passin pass:$PASSWORD -passout pass:$TemporaryPassword
|
||||
|
||||
#Remove now the passphrase:
|
||||
openssl rsa -in private.key -out "NewKeyFile.key" -passin pass:$TemporaryPassword
|
||||
|
||||
#Put things together for the new PKCS-File:
|
||||
cat "NewKeyFile.key" > PEM.pem
|
||||
cat "certificate.crt" >> PEM.pem
|
||||
cat "ca-cert.ca" >> PEM.pem
|
||||
|
||||
#And create the new file:
|
||||
openssl pkcs12 -export -nodes -CAfile ca-cert.ca -in PEM.pem -out $YourPKCSFile"_no_password"
|
||||
|
||||
#cleaning
|
||||
rm NewKeyFile.key ca-cert.ca certificate.crt private.key PEM.pem
|
||||
|
||||
|
||||
#Now you have a new PKCS12 key file without passphrase on the private key part.
|
Loading…
Add table
Add a link
Reference in a new issue