====== Certtool - Synchronet Certificate Tool ====== This is a small tool to allow creating CSRs and importing/exporting certificate chains and other files. This should be usable to obtain a trusted Let's Encrypt certificate before the ACMEv2 endpoint goes live. After that, it would be much better to use [[module:letsyncrypt|LetSyncrypt]]. ===== Options ===== ''%%--%%export-pkcs12 '' Exports the current private key and certificate as a PKCS#12 file, encrypted using the system password. File name must end in .p12. ''%%--%%import-pkcs12 '' Imports the current private key and certificate as a PKCS#12 file **OVERWRITING THE CURRENT ONE**, encrypted using the system password. File name must end in .p12. ''%%--%%csr'' Generates a CSR. This form can also take zero or more ''%%--%%domain'' options indicating additional domains your BBS handles. For example: ''%%jsexec certtool --csr --domain nix.synchro.net --domain gallery.bbsdev.net --domain pics.bbsdev.net --domain home.bbsdev.net%%'' > csr.pem ''%%--%%import '' Imports a certificate chain. This must be a single text file with the whole certificate chain in separate contains like this: -----BEGIN CERTIFICATE----- MIIFNzCCBB+gAwIBAgISA/+MFKRHU5G75Qe5a0tI9p2rMA0GCSqGSIb3DQEBCwUA MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODAyMjgxODE0NTFaFw0x ODA1MjkxODE0NTFaMBoxGDAWBgNVBAMTD25peC5zeW5jaHJvLm5ldDCCASIwDQYJ KoZIhvcNAQEBBQADggEPADCCAQoCggEBALXkBG84PUuj41cGs0CtIUFGY3k7cPOI G3DnDzJ56dnhal1ERFfb7j0ajSZSEI1Kf00TuOap7rvbPfnRpFXzs9idAjWEofAI R2LsTMzSHDjF9YlSp8IwoWlZ9giS3d0Tvz1j/UgNEaggIo2v9UoYNogxZjvfAC1k rFSoNi1tT+rkpwEF7ZjhdsbOmZDoynuj72ArlUuCpgcsYiinKf+1KDtflpxb15Qp oof/pGjQDakGiHVq+xmuAqd/uCMJ3Lbo+BITOpe/cgm1evMGpn8nrV91WpUI5osP h1DhyjxZvzjOq5VRXk0J5djfhMbPYpecBrkWwZY5AJBsg203nKV9qVUCAwEAAaOC AkUwggJBMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB BQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUz5FpYzxtrXIaQ1jcPQTxqcr/ 0DQwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEE YzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQu b3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQu b3JnLzBQBgNVHREESTBHghJnYWxsZXJ5LmJic2Rldi5uZXSCD2hvbWUuYmJzZGV2 Lm5ldIIPbml4LnN5bmNocm8ubmV0gg9waWNzLmJic2Rldi5uZXQwgf4GA1UdIASB 9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpo dHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlz IENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcg UGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmlj YXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBv c2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAVveRSpKC7UKlHMFTfZX85QElyEA9 0Djt1SbGUvghKHy0FUCyB0EVH1FZS3WvWZMQSsWAwvaFZ+GdRg0INVn755pPQm5a M5oDM+2zYhUe6nbJi+woQJrykmmXo0F0NnKgfFsgaBokvq/XhqLcCeo4mWAMMISC gzaVuxiQ7lP58tBbj0KNq1ecOmnjN3cNTNaPZyv/4leRee3XNFwbKt3MDsxCKTLi 5CsVrpEOFLJ/EOa8A2B4M7LWi3LEj4pswT6VhL+z385Zy5I287xQ8gaYQECLpRq/ 65dtsA0QL3OcDi6GwDy3TT4Rij3ESG4mtI+mflTrsMPzARsP6yvZx8cSbw== -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/ MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT DkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow SjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT GkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC AQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF q6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8 SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0 Z8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA a6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj /PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG CCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv bTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k c3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw VAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC ARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz MDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu Y3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF AAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo uM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/ wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu X4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG PfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6 KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg== -----END CERTIFICATE----- For example: jsexec certtool --import /tmp/le.cert ===== See Also ===== * [[:module:|module index]] * [[LetSyncrypt]] {{tag>jsutil letsencrypt tls ssl crypt}}