Filezilla Server PS Script


Good news first, I cobbled together a working solution for filezilla server certs with letsencrypt using openssl. I just was hoping to get some help making it prettier as I am more of a batch-script guy.

$pfx = $result.ManagedItem.CertificatePath
d:\utils\OpenSSL-Win32\bin\openssl pkcs12 -in $pfx -out D:\docs\certs\letsencrypt.key -nocerts -nodes -passin pass:
d:\utils\OpenSSL-Win32\bin\openssl rsa -in D:\docs\certs\letsencrypt.key -out D:\docs\certs\letsencrypt_rsa.key
d:\utils\OpenSSL-Win32\bin\openssl pkcs12 -in $pfx -out D:\docs\certs\letsencrypt.pem -nokeys -clcerts -passin pass:

My question: Are there clean ways to hide those two paths in a powershell script?
d:\utils\OpenSSL-Win32\bin\ and


Awesome! Very good to see an example of certificate transforma with OpenSSL. One thing I’d like to do with scripting is provide UI to set parameter values so you can re-use the same script for different things (same as we do for DNS providers). That’s probably some time away though, I just need to make time and make it a priority.

The other option I’d like to implement is to optionally export to the various formats as part of deployment, so you don’t have to do the conversions yourself.


Well I am grateful that certifytheweb has the post scripts. One product takes care of my family website, rdp box AND now the TLS for my FTP server.

Thanks and hope that this helps some other users, I figured out the answers to some of my questions, here’s my working script with notes that can be configured below:

# Alias to your OpenSSL install
set-alias ossl "d:\utils\OpenSSL-Win32\bin\openssl" 

# Update keypath to where your keys will be saved a nd their names.
$keypath = "D:\docs\certs\"
$key = $keypath + "letsencrypt.key"
$rsakey = $keypath + "letsencrypt_rsa.key"
$pem = $keypath + "letsencrypt.pem"

# Get the latest PFX file path
$pfx = $result.ManagedItem.CertificatePath

# Create the Key, RSA Key, and PEM file. Use the RSA Key & PEM for FileZilla
ossl pkcs12 -in $pfx -out $key -nocerts -nodes -passin pass:
ossl rsa -in $key -out $rsakey
ossl pkcs12 -in $pfx -out $pem -nokeys -clcerts -passin pass: