sonic-buildimage/scripts/convert-pfx-cert-format.sh

37 lines
914 B
Bash
Raw Normal View History

#!/bin/bash -ex
usage()
{
echo "Usage: $0 -p <pfx_cert> -k <signing_key> -c <signing_cert> -a <ca_cert>"
exit 1
}
while getopts "p:k:c:a:" opt; do
case $opt in
p)
PFX_FILE=$OPTARG
;;
k)
SIGNING_KEY=$OPTARG
;;
c)
SIGNING_CERT=$OPTARG
;;
a)
CA_CERT=$OPTARG
;;
*)
usage
;;
esac
done
( [ -z $PFX_FILE ] || [ -z $SIGNING_KEY ] || [ -z $SIGNING_CERT ] || [ -z $CA_CERT ] ) && exit 1
openssl pkcs12 -in "${PFX_FILE}" -clcerts -nokeys -nodes -passin pass: -out ${SIGNING_CERT}
openssl pkcs12 -in "${PFX_FILE}" -nocerts -nodes -passin pass: -out ${SIGNING_KEY}
# Export the last intermediate CA ceritficate
openssl pkcs12 -in "${PFX_FILE}" -cacerts -nokeys -nodes -passin pass: | sed -z -e "s/.*\(-----BEGIN CERTIFICATE\)/\1/" > ${CA_CERT}