#!/bin/bashread -p "Please enter passphrase to decrypt certifications: " passp

1. #!/bin/bash
2.  
3. read -p "Please enter passphrase to decrypt certifications: " passphrase
4. outputPath="./output"
5. mkdir -p ${outputPath}
6.  
7. read -p "Pleas enter password to decrypt output p12 file: " outputPassword
8.  
9. for entry in ./certs/*/*.cer
10. do
11. cerID=${entry: -14:10}
12.  
13. OIFS="$IFS"
14. IFS='/'
15. read -a new_string <<< "${entry}"
16. IFS="$OIFS"
17. type=${new_string[2]}
18.  
19. echo "certificatoin type ${type}: ${cerID} found!"
20.  
21. mkdir -p "${outputPath}/${type}"
22.  
23. outCertDer="${outputPath}/${type}/${cerID}.der"
24. certPem="${outputPath}/${type}/${cerID}-cert.pem"
25. keyPem="${outputPath}/${type}/${cerID}-key.pem"
26. openssl aes-256-cbc -k "${passphrase}" -in "certs/${type}/${cerID}.cer" -out ${outCertDer} -a -d
27. openssl x509 -inform der -in "${outCertDer}" -out "${certPem}"
28.  
29. openssl aes-256-cbc -k "${passphrase}" -in "certs/${type}/${cerID}.p12" -out "${keyPem}" -a -d
30.  
31. openssl pkcs12 -export -out "${outputPath}/${type}/${cerID}-cert.p12" -inkey "${keyPem}" -in "${certPem}" -password pass:"${outputPassword}"
32. done
33.  
34. echo "Generate done! You can find p12 files under ${outputPath} folder!"
35.  
36. read -n 1 -s -r -p "Would you like to keep der, key.pem, cert.pem files? [y/n]" keep
37. if [ "$keep" = "n" ]
38. then
39. rm -rf ${outputPath}/*/*.pem
40. rm -rf ${outputPath}/*/*.der
41. fi