Difference between revisions of "Openssl"

From KeegansWiki
Jump to navigation Jump to search
Line 7: Line 7:
 
openssl x509 -noout -modulus -in server.pem | openssl md5 ;
 
openssl x509 -noout -modulus -in server.pem | openssl md5 ;
 
openssl rsa -noout -modulus -in server.key | openssl md5
 
openssl rsa -noout -modulus -in server.key | openssl md5
 +
==Remove passphrase from private key==
 +
openssl.exe rsa -in privateKey.pem -out private.pem
 
==Generate key with password==
 
==Generate key with password==
 
openssl genrsa -des3 -out www.domain.com.key 2048
 
openssl genrsa -des3 -out www.domain.com.key 2048

Revision as of 10:38, 22 February 2013

Useful OpenSSL Commands

Get ssl cert expiration date

openssl s_client -connect secure.healthcareerweb.com:443 2>/dev/null </dev/null | openssl x509 -noout -enddate

Ensure key and crt match

  • The following should be the same md5 sum if the key and crt match.

openssl x509 -noout -modulus -in server.pem | openssl md5 ; openssl rsa -noout -modulus -in server.key | openssl md5

Remove passphrase from private key

openssl.exe rsa -in privateKey.pem -out private.pem

Generate key with password

openssl genrsa -des3 -out www.domain.com.key 2048

Generate key & csr without password

openssl req -nodes -newkey rsa:2048 -keyout domain.com.key -out domain.com.csr

More info: [here]

View certificate details

openssl x509 -in filename.crt -noout -text

View csr details

openssl req -noout -text -in server.csr

Using openssl instead of telnet

  • openssl s_client -connect www.mysite.com:443
  • ssl info scrolls by
  • Now do a normal get:
  • GET /healthcheck.txt HTTP/1.1 \n Host: www.getauto.com
Retrieved from "http://wiki.keeganm.com/index.php?title=Openssl&oldid=335"