commit c10815f7f0f0e0be97606fef49ac55883ae6416d
parent 5a81f382b2a9d9076439c4e598a977c6daa9a546
Author: MikoĊaj Lenczewski <mikolaj@lenczewski.org>
Date: Tue, 5 May 2026 02:29:43 +0100
Add PKCS#12 Support
Diffstat:
1 file changed, 13 insertions(+), 1 deletion(-)
diff --git a/make-cert.sh b/make-cert.sh
@@ -7,7 +7,7 @@ shift 2
EXTRA="$(echo $@ | xargs printf '%s\n' | paste -s -d '/' -)"
ECC="${ECC:-1}"
-PCKSPASS="${PCKSPASS:-password}"
+PKCSPASS="${PKCSPASS:-password}"
DAYS="${DAYS:-730}"
case "$TYPE" in
@@ -70,6 +70,11 @@ if [ "${ECC}" = "1" ]; then
-out "certs/$TYPE/$DOMAIN/$DOMAIN.ecc.crt.pem"
chmod 644 "certs/$TYPE/$DOMAIN/$DOMAIN.ecc.crt.pem"
+
+ openssl pkcs12 -export -passout "pass:$PKCSPASS" \
+ -inkey "certs/$TYPE/$DOMAIN/$DOMAIN.ecc.key.pem" \
+ -in "certs/$TYPE/$DOMAIN/$DOMAIN.ecc.crt.pem" \
+ -out "certs/$TYPE/$DOMAIN/$DOMAIN.ecc.pfx.p12"
else
openssl req -config ca/intermediate/current/openssl_usr.cnf \
-new -subj "/C=$C/ST=$ST/O=$O/CN=${DOMAIN}/${EXTRA}" \
@@ -84,6 +89,11 @@ else
-out "certs/$TYPE/$DOMAIN/$DOMAIN.rsa.crt.pem"
chmod 644 "certs/$TYPE/$DOMAIN/$DOMAIN.rsa.crt.pem"
+
+ openssl pkcs12 -export -passout "pass:$PKCSPASS" \
+ -inkey "certs/$TYPE/$DOMAIN/$DOMAIN.rsa.key.pem" \
+ -in "certs/$TYPE/$DOMAIN/$DOMAIN.rsa.crt.pem" \
+ -out "certs/$TYPE/$DOMAIN/$DOMAIN.rsa.pfx.p12"
fi
# verify the certificate
@@ -101,7 +111,9 @@ fi
if [ "${ECC}" = "1" ]; then
echo "NOTE: ECC key is found in 'certs/$TYPE/$DOMAIN/$DOMAIN.ecc.key.pem'"
echo "NOTE: ECC certificate is found in 'certs/$TYPE/$DOMAIN/$DOMAIN.ecc.crt.pem'"
+ echo "NOTE: PKCS#12 file is found in 'certs/$TYPE/$DOMAIN/$DOMAIN.ecc.pfx.p12'"
else
echo "NOTE: RSA key is found in 'certs/$TYPE/$DOMAIN/$DOMAIN.rsa.key.pem'"
echo "NOTE: RSA certificate is found in 'certs/$TYPE/$DOMAIN/$DOMAIN.rsa.crt.pem'"
+ echo "NOTE: PKCS#12 file is found in 'certs/$TYPE/$DOMAIN/$DOMAIN.rsa.pfx.p12'"
fi
