2 # Create a p12 file from local certs
4 echo "FQI (Fully Qualified Identity): "
13 # Add Cert AND Intermediate CAs (Clients will have Root CAs (or not))
14 cat $MACH.crt > $MACH.chain
15 # Add THIS Intermediate CA into chain
16 cat "certs/ca.crt" >> $MACH.chain
18 # Make a pkcs12 keystore, a jks keystore and a pem keystore
20 # Note: Openssl will pickup and load all Certs in the Chain file
21 openssl pkcs12 -name $FQI -export -in $MACH.chain -inkey private/$MACH.key -out $MACH.p12