Awesome! Very good to see an example of certificate transforma with OpenSSL. One thing I’d like to do with scripting is provide UI to set parameter values so you can re-use the same script for different things (same as we do for DNS providers). That’s probably some time away though, I just need to make time and make it a priority.
The other option I’d like to implement is to optionally export to the various formats as part of deployment, so you don’t have to do the conversions yourself.