Difference between revisions of "Openssl"
Jump to navigation
Jump to search
m |
m |
||
| Line 2: | Line 2: | ||
==Getting ssl cert expiration date== | ==Getting ssl cert expiration date== | ||
openssl s_client -connect secure.healthcareerweb.com:443 2>/dev/null </dev/null | openssl x509 -noout -enddate | openssl s_client -connect secure.healthcareerweb.com:443 2>/dev/null </dev/null | openssl x509 -noout -enddate | ||
| + | ==Ensure key and crt match== | ||
| + | * The following should be the same md5 sum if the key and crt match. | ||
| + | openssl x509 -noout -modulus -in server.pem | openssl md5 ; | ||
| + | openssl rsa -noout -modulus -in server.key | openssl md5 | ||
==Generate key with password== | ==Generate key with password== | ||
openssl genrsa -des3 -out www.domain.com.key 2048 | openssl genrsa -des3 -out www.domain.com.key 2048 | ||
Revision as of 15:07, 17 February 2011
Useful OpenSSL Commands
Getting ssl cert expiration date
openssl s_client -connect secure.healthcareerweb.com:443 2>/dev/null </dev/null | openssl x509 -noout -enddate
Ensure key and crt match
- The following should be the same md5 sum if the key and crt match.
openssl x509 -noout -modulus -in server.pem | openssl md5 ; openssl rsa -noout -modulus -in server.key | openssl md5
Generate key with password
openssl genrsa -des3 -out www.domain.com.key 2048
Generate key & csr without password
openssl req -nodes -newkey rsa:2048 -keyout domain.com.key -out domain.com.csr
More info: [here]
View certificate details
openssl x509 -in filename.crt -noout -text
Using openssl instead of telnet
- openssl s_client -connect www.mysite.com:443
- ssl info scrolls by
- Now do a normal get:
GET /healthcheck.txt HTTP/1.1 \n Host: www.getauto.com