cloud engineer
SCP is a secure copy utility in Linux. You’ll need access to your system. In this example, a pem key is used to authenticate to a host. SCP copies filename.ext to the home directory of ec2-user. It’s important to add the target directory, otherwise it will not work.
Here’s how to use SCP with a key from local to server.
scp -i key.pem filename.ext user@server:/home/user |
From server to local. Run the command from local machine.
scp user@server:/home/user/file.txt /local/directory |
Here’s how to convert SSL certificate from PFX to PEM format.
#!/bin/bash echo "This script converts SSL certificates from PFX to PEM." read -p 'Enter PFX Certificate Name : ' cert_pfx read -p 'Enter the Import Passphrase : ' import_passphrase openssl pkcs12 -in $cert_pfx -nocerts -out cert-key.pem -passin pass:$import_passphrase -passout pass:$import_passphrase openssl pkcs12 -in $cert_pfx -clcerts -nokeys -out cert-body.pem -passin pass:$import_passphrase -passout pass:$import_passphrase openssl pkcs12 -in $cert_pfx -nodes -nokeys -out cert-chain.pem -passin pass:$import_passphrase -passout pass:$import_passphrase sleep 3 openssl rsa -in key.pem -out cert-private.key -passin pass:$import_passphrase -passout pass:$import_passphrase |
This was covered in an earlier post, but this script prompts you for the passphrase.
Here’s the expected output.
SSL certificates comes in multiple formats. Some providers will hand you over certificates in PFX format which comes in a single file. If you need to import it to AWS Certificate Manager, you will need to convert it from PFX to PEM format. The following set of commands uses OpenSSL and pkcs12 to convert a SSL certificate from PFX to PEM format.
openssl pkcs12 -in cert.pfx -nocerts -out key.pem openssl rsa -in key.pem -out server.key openssl pkcs12 -in cert.pfx -clcerts -nokeys -out cert.pem openssl pkcs12 -in cert.pfx -nodes -nokeys -out chain.pem |
It result in 3 files.
Once you have them, you can the proceed to import it to ACM.
