好的,所以我在一个目录中有openssl for windows,我正在尝试运行一个脚本,这将让我获取包含我需要的所有东西的pfx文件,并将其分成我需要的所有文件。这样可以在以后轻松上传到AWS IAM证书库。
我将在底部发布我的内容,唯一的问题是命令没有正确传递给openssl.exe,但是如果你复制它在“$ argu”创建的输出并运行反对的参数.exe手动它完美的工作。我不能为我的生活解决它的问题。
我试图使用以下两种方法来调用.exe但是看起来参数字符串没有正确转换,并且在参数中添加了一个额外的撇号,导致openssl失败。
尝试1
& $opssl $argu
我的更新代码中的尝试2如下。 使用选项1时,OpenSSL.exe会引发以下错误。在将字符串传递给.exe之前是否有更好的方法来创建字符串?
openssl:Error: 'pkcs12 -in 'E:\certs\openssl\domain.com.au\domain.com.au-PFX.pfx' -passin pass:(removed) -nokeys -cacerts -out 'domain.com.au-PFX-20160517\domain.com.au-PFX-CA-Cert.pem'' is an invalid command.
$exedir = split-path -parent $MyInvocation.MyCommand.Definition
cd $exedir
#Powershell to use open SSL to convert a pfx to pem
Write-output "Please enter full path and PFX file"
$cert = read-host
Write-output "Please enter password for you PFX"
$pfxpass = read-host
$date = Get-date -Format "yyyMMdd"
$certDirf = Get-item "$cert" | select basename
$string = [io.path]::GetFileNameWithoutExtension($cert)
$string2 = $string.Substring(0)
$certDir = $string2
$opssl = "$exedir\openssl.exe"
Write-output "$certDir"
$opssltest = If (Test-Path $exedir\openssl.exe){
Write-host "found OpenSSL.exe"
}
Else
{
write-host "couldn't find openSSL.exe"
}
Invoke-Command -scriptblock { $opssltest }
Function Get-Key {
if (!(test-path $certdir-$date)){mkdir $certdir-$date -force}
cd $exedir
$Argu = "pkcs12 -in '$cert' -passin pass:$pfxpass -nocerts -out '$certdir-$date\$certdir-encrypted-key.pem' -nodes"
Write-host "$argu"
Start-Process -FilePath "$opssl" -ArgumentList "pkcs12 -in '$cert' -passin pass:$pfxpass -nocerts -out '$certdir-$date\$certdir-encrypted-key.pem' -nodes"
Write-host "encrypted key written"
sleep 1
$Argu = "rsa -in $certdir-$date\$certdir-encrypted-key.pem -out $certdir-$date\$certdir-key.pem"
Write-host "$argu"
Start-Process -FilePath "$opssl" -ArgumentList "rsa -in '$certdir-$date\$certdir-encrypted-key.pem' -out '$certdir-$date\$certdir-key.pem'"
Write-host "Key Un-encrypted"
Menu
}
Function Get-Cert {
if (!(test-path $certdir-$date)){mkdir $certdir-$date -force}
cd $exedir
$Argu = "pkcs12 -in '$cert' -passin pass:$pfxpass -nokeys -clcerts -out '$certdir-$date\$certdir-Cert.pem'"
Write-host "$Argu"
Start-Process -FilePath "$opssl" -ArgumentList "pkcs12 -in '$cert' -passin pass:$pfxpass -nokeys -clcerts -out '$certdir-$date\$certdir-Cert.pem'"
Write-host "Cert exported"
Menu
}
Function Get-CACert {
if (!(test-path $certdir-$date)){mkdir $certdir-$date -force}
cd $exedir
$Argu = "pkcs12 -in '$cert' -passin pass:$pfxpass -nokeys -cacerts -out '$certdir-$date\$certdir-CA-Cert.pem'"
Write-host "$argu"
$type = "pkcs12"
Start-Process -FilePath "$opssl" -ArgumentList "pkcs12 -in '$cert' -passin pass:$pfxpass -nokeys -cacerts -out '$certdir-$date\$certdir-CA-Cert.pem'"
Write-host "CA-Cert exported"
Menu
}
Function Menu{
[int]$xMenuChoiceA = 0
while ( $xMenuChoiceA -lt 1 -or $xMenuChoiceA -gt 4 ){
Write-host "All exports are in PEM format except for privet keys"
Write-host "1. Export privet key"
Write-host "2. Export Certificate"
Write-host "3. Export Ca Certificaet"
write-host "4. Exit"
[Int]$xMenuChoiceA = read-host "Please enter an option 1 to 4..." }
Switch( $xMenuChoiceA ){
1{Get-Key}
2{Get-Cert}
3{Get-CACert}
4{Exit}
}
}
Menu
答案 0 :(得分:1)
如果要调用本机应用程序(不是PowerShell命令行开关或脚本),只需这样说:
cmd.exe /C echo ohai
或
& 'cmd.exe' /C echo ohai
您可以使用&
运算符指示您希望将变量解释为命令名称。在执行时间之前不知道文件路径时是完美的。
$arguments = "pkcs12 -in '$cert' -passin pass:$pfxpass -nocerts -out '$certdir-$date\$certdir-encrypted-key.pem' -nodes"
& $opssl $arguments
必须有一种方法可以使您的示例正常工作,但这是一个.NET问题。只需使用PowerShell为您完成工作。