# Make sure right certificate
# ###########################

# On blackbird.pppl.gov
  /var/www/Users/fgcm_cert.pem

# Check present date on certificate
# As user fgcm on blackgrid.pppl.gov
grid-cert-info -file $file -s -sd -ed
/DC=org/DC=fusiongrid/OU=People/CN=FusionGrid Certificate Manager 17184
Jul 31 19:09:51 2008 GMT
Jul 31 19:09:51 2009 GMT

# This pfx file must be in browser
# ################################
file=/u/randerso/A_20090130/FGCM/fgcm_17184.pfx 
pattern="^(subject|issuer)"
openssl pkcs12 -info -in $file | grep -E "$pattern"
   . . .
subject=/DC=org/DC=fusiongrid/OU=People/CN=FusionGrid Certificate Manager 17184
issuer=/DC=org/DC=fusiongrid/OU=Certificate Authorities/CN=FusionGrid CA
# On Windows Laptop using Internet Explorer
# Import if must
  Tools->Internet Options
    Content->Certificates->Personal
      Import...
        C:\Documents and Settings\randerso\Desktop\fgcm_17184.pfx
          Password:
          Mark this key as exportable

# Update certificate in browser
# #############################
# Then export from browser
  Tools->Internet Options
    Content->Certificates->Personal
      Highlight certificate with correct date
      Click Export...
        Yes, export the private key
        Unclick Enable strong protection
        No password
      filename fgcm_17184_20090713.pfx

# Move pfx file to Unix work area
# ###############################
openssl pkcs12 -in fgcm_17184_20090713.pfx -clcerts -nokeys -out fgcm_cert_20090713.pem
openssl pkcs12 -in fgcm_17184_20090713.pfx -nocerts -out fgcm_key_20090713.pem

openssl rsa -in fgcm_key_20090713.pem -out fgcm_unencrypted_key_20090713.pem

# Save pfx file
/bin/cp -ip fgcm_17184_20090713.pfx /u/randerso/A_20090130

# Move key and cert to blackbird