#!/bin/zsh # if this script fails, execute "sed -i -e 's/\r$//' ./createp12.sh" to replace CRLF with LF, then try again # Copy this script file to /mnt/SSD1/docker/data/traefik/certs folder an run from there ud_shell="$(readlink /proc/$$/exe)" UD_SHELL=${ud_shell##*/} if [[ "$UD_SHELL" != "zsh" ]]; then echo "Please run script in zsh shell!" exit 1 fi _get_password() { success=0 prompt=$1 unset pass while IFS= read -s -k 1 "char?$prompt" do if [[ $char == $'\n' ]]; then success=1 break else prompt='*' pass+="$char" fi done echo "$pass" return $success } unset password echo "The .p12 file must be protected with a password. Please enter password to encrypt .p12 file" confirm=0 while [[ $confirm -eq 0 ]] do password=`_get_password "password:"`; retval=$? if [[ $retval -eq 0 ]]; then break fi echo passlen=${#password} if [[ $passlen -lt 8 ]]; then echo "password must be 8 characters or longer!" continue fi password2=`_get_password "confirm :"`; retval=$? if [[ $retval -eq 0 ]]; then break fi echo if [[ "$password" == "$password2" ]]; then confirm=1 break; fi echo "Confirmation differs from password entered. Please re-enter password" done echo if [[ $confirm -eq 1 ]]; then #echo "pass2: $password2" echo "$password" | openssl pkcs12 -export -out plex_cert.p12 -in plex.pem -inkey plex-key.pem -certfile plex.pem -passout stdin -certpbe AES-256-CBC -keypbe AES-256-CBC -macalg SHA256 #openssl pkcs12 -export -out plex_cert.p12 -in plex.pem -inkey plex-key.pem -certfile plex.pem -passout pass: "password" -certpbe AES-256-CBC -keypbe AES-256-CBC -macalg SHA256 echo "Created plex_cert.p12" else echo "Aborted!" fi