Synchronet v3.21e-Win32 (install) has been released (Mar-2026).

You can donate to the Synchronet project using PayPal.

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
module:certtool [2018/02/28 11:40] – created deucemodule:certtool [2026/03/11 11:33] (current) – [Options] Add note on creating a .p12 file from a cert.pem and key.pem. deuce
Line 1: Line 1:
-====== Certtool ======+====== Certtool - Synchronet Certificate Tool ======
  
-This is a small tool to allow creating CSRs and importing certificate chains.  This should be usable to obtain+This is a small tool to allow creating CSRs and importing/exporting certificate chains and other files.  This should be usable to obtain
 a trusted Let's Encrypt certificate before the ACMEv2 endpoint goes live.  After that, it would be much better to use [[module:letsyncrypt|LetSyncrypt]]. a trusted Let's Encrypt certificate before the ACMEv2 endpoint goes live.  After that, it would be much better to use [[module:letsyncrypt|LetSyncrypt]].
  
 ===== Options ===== ===== Options =====
 +
 +''%%--%%export-pkcs12 <file>'' Exports the current private key and certificate as a PKCS#12 file, encrypted using the system password.  File name must end in .p12.
 +
 +To generate a .p12 from a cert.pem and key.pem file, use openssl:
 +<file>
 +$ openssl pkcs12 -export -out cert.p12 -in cert.pem -inkey key.pem
 +
 +Enter Export Password: SYSPASS
 +Verifying - Enter Export Password: SYSPASS
 +</file>
 +
 +''%%--%%import-pkcs12 <file>'' Imports the current private key and certificate as a PKCS#12 file **OVERWRITING THE CURRENT ONE**, encrypted using the system password.  File name must end in .p12.
  
 ''%%--%%csr'' Generates a CSR. ''%%--%%csr'' Generates a CSR.
Line 12: Line 24:
 ''%%jsexec certtool --csr --domain nix.synchro.net --domain gallery.bbsdev.net --domain pics.bbsdev.net --domain home.bbsdev.net%%'' > csr.pem ''%%jsexec certtool --csr --domain nix.synchro.net --domain gallery.bbsdev.net --domain pics.bbsdev.net --domain home.bbsdev.net%%'' > csr.pem
  
-''%%--%%import'' Imports a certificate chain.  This must be a single text file with the whole certificate chain in separate contains like this:+''%%--%%import <file>'' Imports a certificate chain.  This must be a single text file with the whole certificate chain in separate contains like this:
  
 <file> <file>
Line 75: Line 87:
 </file> </file>
  
 +For example:
 +  jsexec certtool --import /tmp/le.cert
 ===== See Also ===== ===== See Also =====
   * [[:module:|module index]]   * [[:module:|module index]]
 +  * [[LetSyncrypt]]
  
-{{tag>}}+{{tag>jsutil letsencrypt tls ssl crypt}}
  

Trace: