64 lines
2.1 KiB
Bash
64 lines
2.1 KiB
Bash
#!/bin/zsh
|
|
|
|
# if this script fails, execute "sed -i -e 's/\r$//' ./createp12.sh" to replace CRLF with LF, then try again
|
|
|
|
# Copy this script file to /mnt/SSD1/docker/data/traefik/certs folder an run from there
|
|
|
|
ud_shell="$(readlink /proc/$$/exe)"
|
|
UD_SHELL=${ud_shell##*/}
|
|
if [[ "$UD_SHELL" != "zsh" ]]; then
|
|
echo "Please run script in zsh shell!"
|
|
exit 1
|
|
fi
|
|
_get_password() {
|
|
success=0
|
|
prompt=$1
|
|
unset pass
|
|
while IFS= read -s -k 1 "char?$prompt"
|
|
do
|
|
if [[ $char == $'\n' ]]; then
|
|
success=1
|
|
break
|
|
else
|
|
prompt='*'
|
|
pass+="$char"
|
|
fi
|
|
done
|
|
echo "$pass"
|
|
return $success
|
|
}
|
|
unset password
|
|
echo "The .p12 file must be protected with a password. Please enter password to encrypt .p12 file"
|
|
confirm=0
|
|
while [[ $confirm -eq 0 ]]
|
|
do
|
|
password=`_get_password "password:"`; retval=$?
|
|
if [[ $retval -eq 0 ]]; then
|
|
break
|
|
fi
|
|
echo
|
|
passlen=${#password}
|
|
if [[ $passlen -lt 8 ]]; then
|
|
echo "password must be 8 characters or longer!"
|
|
continue
|
|
fi
|
|
password2=`_get_password "confirm :"`; retval=$?
|
|
if [[ $retval -eq 0 ]]; then
|
|
break
|
|
fi
|
|
echo
|
|
if [[ "$password" == "$password2" ]]; then
|
|
confirm=1
|
|
break;
|
|
fi
|
|
echo "Confirmation differs from password entered. Please re-enter password"
|
|
done
|
|
echo
|
|
if [[ $confirm -eq 1 ]]; then
|
|
#echo "pass2: $password2"
|
|
echo "$password" | openssl pkcs12 -export -out plex_cert.p12 -in plex.pem -inkey plex-key.pem -certfile plex.pem -passout stdin -certpbe AES-256-CBC -keypbe AES-256-CBC -macalg SHA256
|
|
#openssl pkcs12 -export -out plex_cert.p12 -in plex.pem -inkey plex-key.pem -certfile plex.pem -passout pass: "password" -certpbe AES-256-CBC -keypbe AES-256-CBC -macalg SHA256
|
|
echo "Created plex_cert.p12"
|
|
else
|
|
echo "Aborted!"
|
|
fi |