1

I am currently trying to figure out how I can divide one .pem file, containing several certificates to several new .pem files, but I do not know where to start...

The first .pem file looks like this:

-----BEGIN CERTIFICATE-----
bla bla bla
bla bla bla
bla lba bal
-----END CERTIFICATE-----
Bag attributes:
subject=blabla
issuer=bla
-----BEGIN CERTIFICATE-----
bla bla bla
bla bla bla
bla lba bal
-----END CERTIFICATE-----
Bag attributes:
subject=blabla
issuer=bla

......

However, I need a script to divide this .pem file to four new .pem files that only contains each certificate, so they look like:

-----BEGIN CERTIFICATE-----
bla bla bla
bla bla bla
bla lba bal
-----END CERTIFICATE-----

.......

how would the script look like?
I am working in MobaXtrem (and i am very very new with server management so i am a bit lost...)

I was thinking a structure like this, is that possible?

for i in 'seq 1 4'; do <some regex expression i guess> -out cert$i.pem; done

Hopefully someone can help.

Thanks

mart1234
  • 11
  • 1

1 Answers1

0

Just use openssl x509 and nothing else to handle certificates in a loop. openssl doesn't flush file descriptors it's using and always reads the minimum. You have to ensure that there's a single input stream feeding the loop.

for i in $(seq 1 4); do
    openssl x509 -out cert$i.pem
done < bundle.pem

Or even:

i=1; while openssl x509 -out cert$i.pem; do
    i=$((i+1))
done < bundle.pem

< bundle.pem could itself be the output of an other certificate processing command like below (which will still ask a password if any in this example):

openssl pkcs12 -in bundle.p12 -nokeys | {
    i=1; while ...
        ....
    done
}
A.B
  • 11,090
  • 2
  • 24
  • 45