]>
Commit | Line | Data |
---|---|---|
1 | #!/bin/bash | |
2 | ||
3 | set -e | |
4 | ||
5 | usage() { | |
6 | cat <<EOF | |
7 | Usage: $0 <cert.p12> <cert.pem> | |
8 | ||
9 | Transforms a .p12 file, for instance as exported by Firefox's | |
10 | cerfiticate "backup" feature, into a PEM file that contains your | |
11 | private key and certificate. | |
12 | ||
13 | To export your certificate from Firefox, go to Edit|Preferences, | |
14 | Advanced|Security|View Certificates, and ``Backup'' your certificate | |
15 | to a file. Firefox will save it as a PKCS12 certificate. You must | |
16 | enter a passphrase, which this script will prompt you for. | |
17 | ||
18 | EOF | |
19 | exit 1 | |
20 | } | |
21 | ||
22 | [ "$#" -eq 2 ] || usage | |
23 | ||
24 | pkcs="$1" | |
25 | pem="$2" | |
26 | ||
27 | openssl pkcs12 -in "$pkcs" -nodes -out "$pem" | |
28 | ||
29 | cat >&2 <<EOF | |
30 | Private key and certificate written to $pem | |
31 | ||
32 | Keep this file safe! | |
33 | ||
34 | You can pass this to wget's --certificate and --private-key options, | |
35 | or to curl's --cert option. | |
36 | ||
37 | To use it with perl's LWP, set the following environment variables: | |
38 | ||
39 | EOF | |
40 | ||
41 | pem=$(readlink -f "$pem") | |
42 | ||
43 | printf 'HTTPS_CERT_FILE=%q\n' "$pem" | |
44 | printf 'HTTPS_KEY_FILE=%q\n' "$pem" | |
45 |