SSL Howto - convert a pkcs12 (*.p12) bundle to import into Stingray

Update: 2013 06018 - I had to do 50 conversions today, so I have attached a shell script to to automate this process.

==

 

Assumptions:

  1. You have a pkcs12 bundle with a private key and certificate in it - in this example we will use a file called www.website.com.p12.  I use SimpleAuthority as it is cross platform and the free edition lets you create up to 5 keypairs, which is plenty for the lab...
  2. You don't have a password on the private key (passwords on machine loaded keys are a waste of time IMHO)
  3. You have a Linux / MacOS X / Unix system with openssl installed (Mac OS X does by default, so do most Linux installs...)

 

3 commands you need:

 

First we take the p12 and export just the private key (-nocerts) and export it in RSA format with no encryption (-nodes)

openssl pkcs12 -in www.website.com.p12 -nocerts -out www.website.com.key.pem -nodes

Second we take the p12 and export just the certificate (-nokeys) and export it in RSA format with no encryption (-nodes)

openssl pkcs12 -in www.website.com.p12 -nokeys -out www.website.com.cert.pem -nodes

Third, we convert the private key into the format Stingray wants it in (-text)

openssl rsa -in www.website.com.key.pem -out www.website.com.key.txt.pem -text

 

You are left with a list of files, only two of them are needed to import into the Stingray:

  1. www.website.com.key.txt.pem is the private key you need
  2. www.website.com.cert.pem is the certificate you need

 

These can then be imported into the STM under Catalogues > SSL > Server Certs

Google Chrome054.png

Hope this helps..

 

1 ~ $ ./p12_convert.sh -h

./p12_convert.sh written by Aidan Clarke <aidan.clarke at riverbed.com>

Copyright Riverbed Technologies 2013

 

usage: ./p12_convert.sh -i inputfile -o outputfile

 

This script converts a p12 bundle to PEM formated key and certificate ready for

import into Stingray Traffif Manager

 

OPTIONS:

   -h      Show this message

   -i      Input file name

   -o      Output file name stub