cmd/openssl

from HTYP, the free directory anyone can edit if they can prove to me that they're not a spambot
< cmd(Redirected from openssl)
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

About

openssl is the command-line program for managing SSL data and certificates.

Examples

  • To check that a certificate file is valid, and see what it says (does not work with key files) - typical file extensions are .crt, .ca:
    openssl x509 -text -in <filename>
  • To verify how a web server is presenting its certificate over https:
    openssl s_client -connect <domain>:443
    • To get the expiration date:
      echo | openssl s_client -connect <domain>:443 2>/dev/null | openssl x509 -noout -dates
  • To generate a new private key:
    openssl genrsa -des3 -out <filename.key> 4096
  • To remove the pass phrase from a private key:
    openssl rsa -in <oldfile.key> -out <newfile.key>
    There is slightly more explanation here.

Notes

  • openssl verify [1] seems to be the tool of choice for checking certificate files stored locally.
  • This also has some useful information about using openssl, and a little bit about the "chaining" concept.

Links

Retrieved from "https://htyp.org/mw/index.php?title=cmd/openssl&oldid=28740"