From KeegansWiki
Jump to: navigation, search

Useful OpenSSL Commands

Get ssl cert expiration date

openssl s_client -connect 2>/dev/null </dev/null | openssl x509 -noout -enddate

Ensure key and crt match

  • The following should be the same md5 sum if the key and crt match.

openssl x509 -noout -modulus -in server.pem | openssl md5 ; openssl rsa -noout -modulus -in server.key | openssl md5

Remove passphrase from private key

openssl.exe rsa -in privateKey.pem -out private.pem

Generate key with password

openssl genrsa -des3 -out 2048

Generate key & csr without password

openssl req -nodes -newkey rsa:2048 -keyout -out

More info: [here]

View certificate details

openssl x509 -in filename.crt -noout -text

View csr details

openssl req -noout -text -in server.csr

Using openssl instead of telnet

  • openssl s_client -connect
  • ssl info scrolls by
  • Now do a normal get:
  • GET /healthcheck.txt HTTP/1.1 \n Host:



s_client -connect
a1 login <user> <pass>

List Folders

a1 LIST "" "*"

Get Folder Contents

a1 examine <folder name>