zakjan / cert-chain-resolver

SSL certificate chain resolver
MIT License

Option to create bundle file only? (Do not include input pem in output pem) #5

Closed danrue closed 9 years ago

danrue commented 9 years ago

I am using a certificate interface that requires the certificate file to be separate from the CA bundle. Would you be interested in an option that excludes the input crt from the output bundle file?

zakjan commented 9 years ago

Yeah, this feature is in the todo list. Can you implement it?

Which application requires it? I am aware of old Apache only.

danrue commented 9 years ago

AWS - when uploading a certificate to AWS using upload-server-certificate, they appear to be actually stripping intermediary certs if they are included in the certificate-body and requiring a bundle file to be listed separately. See http://docs.aws.amazon.com/cli/latest/reference/iam/upload-server-certificate.html

I have modified the implementation locally for my purposes (without backward compatibility). I ran into a few larger issues when trying to just add an option to support it. Notably, it needs option handling, and the verification step at the end needs modification. I'll post what I have now in case it's useful, and I will try to do the refactor work soon and submit a PR.

zakjan commented 9 years ago

@danrue I have added the -i flag to output intermediate certificates only. Can you check if it works for you?

danrue commented 9 years ago

Thanks @zakjan - the changes look great. I submitted a PR to improve the behavior when running with no arguments and no stdin.
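
The split requested in this issue, as an added example (not code from this thread or from cert-chain-resolver): a PEM bundle is separated into the certificate file and the intermediate chain file, and non-certificate blocks such as private keys are dropped so they never land in either output. `SplitBundle` and `sampleBundle` are hypothetical names, the leaf is assumed to be the first CERTIFICATE block, and the sample blocks hold constructed placeholder bytes rather than real DER.

```go
package main

import (
	"bytes"
	"encoding/pem"
	"errors"
	"fmt"
)

// SplitBundle returns the first CERTIFICATE block (assumed to be the leaf)
// and, separately, every later CERTIFICATE block (the intermediates).
func SplitBundle(bundle []byte) (leaf, chain []byte, err error) {
	var out bytes.Buffer
	for block, rest := pem.Decode(bundle); block != nil; block, rest = pem.Decode(rest) {
		if block.Type != "CERTIFICATE" {
			continue // skip private keys and other block types
		}
		if encoded := pem.EncodeToMemory(block); leaf == nil {
			leaf = encoded
		} else {
			out.Write(encoded)
		}
	}
	if leaf == nil {
		return nil, nil, errors.New("no CERTIFICATE block found")
	}
	return leaf, out.Bytes(), nil
}

// sampleBundle builds constructed input: placeholder bytes, not real certificates.
func sampleBundle() []byte {
	var b bytes.Buffer
	for _, blk := range []*pem.Block{
		{Type: "CERTIFICATE", Bytes: []byte("constructed-leaf")},
		{Type: "PRIVATE KEY", Bytes: []byte("constructed-key")},
		{Type: "CERTIFICATE", Bytes: []byte("constructed-intermediate-1")},
		{Type: "CERTIFICATE", Bytes: []byte("constructed-intermediate-2")},
	} {
		b.Write(pem.EncodeToMemory(blk))
	}
	return b.Bytes()
}

func main() {
	leaf, chain, err := SplitBundle(sampleBundle())
	fmt.Printf("certificate file:\n%schain file:\n%serr: %v\n", leaf, chain, err)
}
```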