38 lines
1.1 KiB
Bash
38 lines
1.1 KiB
Bash
#!/bin/bash
|
|
#
|
|
# Extract the ca certificate, user certificate, user keys from the p12 package
|
|
#
|
|
#
|
|
# -clcerts (only output client certificates (not CA certificates))
|
|
# -cacerts (only output CA certificates (not client certificates))
|
|
# -nocerts (no certificates at all will be output)
|
|
# -nokeys (no private keys will be output)
|
|
#
|
|
#
|
|
if [[ -n $1 ]]; then
|
|
echo
|
|
else
|
|
echo
|
|
echo "This script will copy the certificates and keys to the strongswan configuration paths"
|
|
echo
|
|
echo "Usage: p12ext <file> [password]"
|
|
echo
|
|
echo "Example: p12ext file.p12"
|
|
echo
|
|
exit 1
|
|
fi
|
|
|
|
# create a unique path for the server certificate
|
|
UNIQ_DIR_LC=`date +%Y-%m-%d.%H_%M_%S`
|
|
UNIQ_DIR_LC="p12ext_${UNIQ_DIR_LC}"
|
|
mkdir $UNIQ_DIR_LC
|
|
|
|
# keys
|
|
openssl pkcs12 -nodes -nocerts -password "pass:password" -in $1 -out $UNIQ_DIR_LC/user.keys.pem
|
|
|
|
# certificate
|
|
openssl pkcs12 -nodes -clcerts -nokeys -password "pass:password" -in $1 -out $UNIQ_DIR_LC/user.crt.pem
|
|
|
|
# CA
|
|
openssl pkcs12 -nodes -cacerts -nokeys -password "pass:password" -in $1 -out $UNIQ_DIR_LC/ca-chain.crt.pem
|