Certtool - Synchronet Certificate Tool

This is a small tool to allow creating CSRs and importing/exporting certificate chains and other files. This should be usable to obtain a trusted Let's Encrypt certificate before the ACMEv2 endpoint goes live. After that, it would be much better to use LetSyncrypt.

Options

--export-pkcs12 <file> Exports the current private key and certificate as a PKCS#12 file, encrypted using the system password. File name must end in .p12.

--import-pkcs12 <file> Imports the current private key and certificate as a PKCS#12 file OVERWRITING THE CURRENT ONE, encrypted using the system password. File name must end in .p12.

--csr Generates a CSR.

This form can also take zero or more --domain options indicating additional domains your BBS handles. For example:

jsexec certtool --csr --domain nix.synchro.net --domain gallery.bbsdev.net --domain pics.bbsdev.net --domain home.bbsdev.net > csr.pem

--import <file> Imports a certificate chain. This must be a single text file with the whole certificate chain in separate contains like this:

-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISA/+MFKRHU5G75Qe5a0tI9p2rMA0GCSqGSIb3DQEBCwUA
MEoxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1MZXQncyBFbmNyeXB0MSMwIQYDVQQD
ExpMZXQncyBFbmNyeXB0IEF1dGhvcml0eSBYMzAeFw0xODAyMjgxODE0NTFaFw0x
ODA1MjkxODE0NTFaMBoxGDAWBgNVBAMTD25peC5zeW5jaHJvLm5ldDCCASIwDQYJ
KoZIhvcNAQEBBQADggEPADCCAQoCggEBALXkBG84PUuj41cGs0CtIUFGY3k7cPOI
G3DnDzJ56dnhal1ERFfb7j0ajSZSEI1Kf00TuOap7rvbPfnRpFXzs9idAjWEofAI
R2LsTMzSHDjF9YlSp8IwoWlZ9giS3d0Tvz1j/UgNEaggIo2v9UoYNogxZjvfAC1k
rFSoNi1tT+rkpwEF7ZjhdsbOmZDoynuj72ArlUuCpgcsYiinKf+1KDtflpxb15Qp
oof/pGjQDakGiHVq+xmuAqd/uCMJ3Lbo+BITOpe/cgm1evMGpn8nrV91WpUI5osP
h1DhyjxZvzjOq5VRXk0J5djfhMbPYpecBrkWwZY5AJBsg203nKV9qVUCAwEAAaOC
AkUwggJBMA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYB
BQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUz5FpYzxtrXIaQ1jcPQTxqcr/
0DQwHwYDVR0jBBgwFoAUqEpqYwR93brm0Tm3pkVl7/Oo7KEwbwYIKwYBBQUHAQEE
YzBhMC4GCCsGAQUFBzABhiJodHRwOi8vb2NzcC5pbnQteDMubGV0c2VuY3J5cHQu
b3JnMC8GCCsGAQUFBzAChiNodHRwOi8vY2VydC5pbnQteDMubGV0c2VuY3J5cHQu
b3JnLzBQBgNVHREESTBHghJnYWxsZXJ5LmJic2Rldi5uZXSCD2hvbWUuYmJzZGV2
Lm5ldIIPbml4LnN5bmNocm8ubmV0gg9waWNzLmJic2Rldi5uZXQwgf4GA1UdIASB
9jCB8zAIBgZngQwBAgEwgeYGCysGAQQBgt8TAQEBMIHWMCYGCCsGAQUFBwIBFhpo
dHRwOi8vY3BzLmxldHNlbmNyeXB0Lm9yZzCBqwYIKwYBBQUHAgIwgZ4MgZtUaGlz
IENlcnRpZmljYXRlIG1heSBvbmx5IGJlIHJlbGllZCB1cG9uIGJ5IFJlbHlpbmcg
UGFydGllcyBhbmQgb25seSBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIENlcnRpZmlj
YXRlIFBvbGljeSBmb3VuZCBhdCBodHRwczovL2xldHNlbmNyeXB0Lm9yZy9yZXBv
c2l0b3J5LzANBgkqhkiG9w0BAQsFAAOCAQEAVveRSpKC7UKlHMFTfZX85QElyEA9
0Djt1SbGUvghKHy0FUCyB0EVH1FZS3WvWZMQSsWAwvaFZ+GdRg0INVn755pPQm5a
M5oDM+2zYhUe6nbJi+woQJrykmmXo0F0NnKgfFsgaBokvq/XhqLcCeo4mWAMMISC
gzaVuxiQ7lP58tBbj0KNq1ecOmnjN3cNTNaPZyv/4leRee3XNFwbKt3MDsxCKTLi
5CsVrpEOFLJ/EOa8A2B4M7LWi3LEj4pswT6VhL+z385Zy5I287xQ8gaYQECLpRq/
65dtsA0QL3OcDi6GwDy3TT4Rij3ESG4mtI+mflTrsMPzARsP6yvZx8cSbw==
-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----
MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/
MSQwIgYDVQQKExtEaWdpdGFsIFNpZ25hdHVyZSBUcnVzdCBDby4xFzAVBgNVBAMT
DkRTVCBSb290IENBIFgzMB4XDTE2MDMxNzE2NDA0NloXDTIxMDMxNzE2NDA0Nlow
SjELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUxldCdzIEVuY3J5cHQxIzAhBgNVBAMT
GkxldCdzIEVuY3J5cHQgQXV0aG9yaXR5IFgzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAnNMM8FrlLke3cl03g7NoYzDq1zUmGSXhvb418XCSL7e4S0EF
q6meNQhY7LEqxGiHC6PjdeTm86dicbp5gWAf15Gan/PQeGdxyGkOlZHP/uaZ6WA8
SMx+yk13EiSdRxta67nsHjcAHJyse6cF6s5K671B5TaYucv9bTyWaN8jKkKQDIZ0
Z8h/pZq4UmEUEz9l6YKHy9v6Dlb2honzhT+Xhq+w3Brvaw2VFn3EK6BlspkENnWA
a6xK8xuQSXgvopZPKiAlKQTGdMDQMc2PMTiVFrqoM7hD8bEfwzB/onkxEz0tNvjj
/PIzark5McWvxI0NHWQWM6r6hCm21AvA2H3DkwIDAQABo4IBfTCCAXkwEgYDVR0T
AQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwfwYIKwYBBQUHAQEEczBxMDIG
CCsGAQUFBzABhiZodHRwOi8vaXNyZy50cnVzdGlkLm9jc3AuaWRlbnRydXN0LmNv
bTA7BggrBgEFBQcwAoYvaHR0cDovL2FwcHMuaWRlbnRydXN0LmNvbS9yb290cy9k
c3Ryb290Y2F4My5wN2MwHwYDVR0jBBgwFoAUxKexpHsscfrb4UuQdf/EFWCFiRAw
VAYDVR0gBE0wSzAIBgZngQwBAgEwPwYLKwYBBAGC3xMBAQEwMDAuBggrBgEFBQcC
ARYiaHR0cDovL2Nwcy5yb290LXgxLmxldHNlbmNyeXB0Lm9yZzA8BgNVHR8ENTAz
MDGgL6AthitodHRwOi8vY3JsLmlkZW50cnVzdC5jb20vRFNUUk9PVENBWDNDUkwu
Y3JsMB0GA1UdDgQWBBSoSmpjBH3duubRObemRWXv86jsoTANBgkqhkiG9w0BAQsF
AAOCAQEA3TPXEfNjWDjdGBX7CVW+dla5cEilaUcne8IkCJLxWh9KEik3JHRRHGJo
uM2VcGfl96S8TihRzZvoroed6ti6WqEBmtzw3Wodatg+VyOeph4EYpr/1wXKtx8/
wApIvJSwtmVi4MFU5aMqrSDE6ea73Mj2tcMyo5jMd6jmeWUHK8so/joWUoHOUgwu
X4Po1QYz+3dszkDqMp4fklxBwXRsW10KXzPMTZ+sOPAveyxindmjkW8lGy+QsRlG
PfZ+G6Z6h7mjem0Y+iWlkYcV4PIWL1iwBi8saCbGS5jN2p8M+X+Q7UNKEkROb3N6
KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==
-----END CERTIFICATE-----

For example:

jsexec certtool --import /tmp/le.cert

See Also

module/certtool.txt · Last modified: 2021/01/27 18:51 by digital man
Back to top
CC Attribution 4.0 International
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0