]>
Commit | Line | Data |
---|---|---|
6e450839 NE |
1 | #!/bin/sh |
2 | ||
3 | set -e | |
4 | ||
5 | usage() { | |
6 | cat <<EOF | |
dedfe0c0 | 7 | Usage: $0 <cert.p12> <cert.pem> |
6e450839 NE |
8 | |
9 | Transforms a .p12 file, for instance as exported by Firefox's | |
dedfe0c0 AK |
10 | cerfiticate "backup" feature, into a PEM file that contains your |
11 | private key and certificate. | |
6e450839 NE |
12 | |
13 | To export your certificate from Firefox, go to Edit|Preferences, | |
14 | Advanced|Security|View Certificates, and ``Backup'' your certificate | |
15 | to a file. Firefox will save it as a PKCS12 certificate. You must | |
16 | enter a passphrase, which this script will prompt you for. | |
17 | ||
18 | EOF | |
19 | exit 1 | |
20 | } | |
21 | ||
22 | [ "$#" -eq 2 ] || usage | |
23 | ||
24 | pkcs="$1" | |
dedfe0c0 | 25 | pem="$2" |
6e450839 | 26 | |
dedfe0c0 | 27 | openssl pkcs12 -in "$pkcs" -nodes -out "$pem" |
6e450839 NE |
28 | |
29 | cat >&2 <<EOF | |
dedfe0c0 | 30 | Private key and certificate written to $pem |
6e450839 | 31 | |
dedfe0c0 | 32 | Keep this file safe! |
6e450839 | 33 | |
dedfe0c0 AK |
34 | You can pass this to wget's --certificate and --private-key options, |
35 | or to curl's --cert option. | |
6e450839 | 36 | |
dedfe0c0 | 37 | To use it with perl's LWP, set the following environment variables: |
6e450839 NE |
38 | |
39 | EOF | |
40 | ||
8dd88228 AK |
41 | pem=$(readlink -f "$pem") |
42 | ||
6e450839 | 43 | # No, this doesn't handle quoting properly. |
dedfe0c0 AK |
44 | echo HTTPS_CERT_FILE="$pem" |
45 | echo HTTPS_KEY_FILE="$pem" | |
6e450839 | 46 |