Difference between revisions of "cmd/openssl"

Revision as of 01:28, 12 April 2012

openssl is the command-line program for managing SSL data and certificates.

To verify how a web server is presenting its certificate over https:
openssl s_client -connect vbz.net:443
To generate a new private key:
openssl genrsa -des3 -out filename.key 4096
To remove the pass phrase from a private key:
openssl rsa -in oldfile.key -out newfile.key
There is slightly more explanation here.

openssl verify [1] seems to be the tool of choice for checking certificate files stored locally.
This also has some useful information about using openssl, and a little bit about the "chaining" concept.

@@ Line 8: / Line 8: @@
 ==About==
 [[openssl]] is the command-line program for managing [[Secure Sockets Layer|SSL]] data and certificates.
-==Example==
+==Examples==
-* openssl s_client -connect vbz.net:443
+* To verify how a web server is presenting its certificate over https:
+*: '''openssl s_client -connect vbz.net:443'''
+* To generate a new private key:
+*: '''openssl genrsa -des3 -out <u>filename</u>.key 4096'''
+* To remove the pass phrase from a private key:
+*: '''openssl rsa -in <u>oldfile.key</u> -out <u>newfile.key</u>'''
+*:: There is slightly more explanation [http://faq.andrew.net.au/cache/74.html here].
 ==Notes==
 * [[/verify|openssl verify]] [http://www.mkssoftware.com/docs/man1/openssl_verify.1.asp] seems to be the tool of choice for checking certificate files stored locally.
@@ Line 16: / Line 22: @@
 * [http://www.openssl.org/ openssl.org]
 ** [http://www.openssl.org/docs/apps/s_client.html s_client]
+* [http://www.madboa.com/geek/openssl/ examples]