Splitting an X509 PEM-Encoded Certificate Bundle into Multiple Files
This post's featured URL for sharing metadata is https://www.jvt.me/img/profile.jpg.
Today I was wanting to break out a large certificate bundle, containing many X509 PEM-encoded certs, into separate files. While I was thinking about scripting it myself, I realised surely someone has done this before? It's a pretty standard thing for sysadmins to have done before, so resorted to searching online.
Lo and behold, I found two great solutions via How to split a PEM file on Server Fault:
Using the split
command, which I've not tried before:
split -p "-----BEGIN CERTIFICATE-----" collection.pem individual-
Or using trusty awk
:
awk '
split_after == 1 {n++;split_after=0}
/-----END CERTIFICATE-----/ {split_after=1}
{print > "cert" n ".pem"}' < $file