OpenSSL Certificate Cheat Sheet

OpenSSL Certificate Cheat Sheet

Get Social!

openssl-logoThese commands cover the basics of OpenSSL and are valid for either Windows or Linux with the exception that paths may need to be corrected for the respective platform.

Install OpenSSL

For windows http://www.openssl.org/related/binaries.html

For Ubuntu

Create Private Key

The last argument in the below line is the key length. This can be changed to 2048 or 4096 if required for better encryption.

Generate a CSR (Certificate Signing Request)

You will be asked for the details of the certificate such as domain name and address when running this command.

Remove Passphrase from Key

Some applications do not allow for the private key to have a passphrase. The below commands will remove the passphrase – be careful as it will mean the key is no longer protected and can be viewed by anyone with read access to the file.

Generating a Self-Signed Certificate

Once you have generated a key and CSR you will need to sign the request and generate the public certificate. If you do not have a certificate authority you can sign the certificate yourself. The below will generate a certificate which is valid for one year.

Convert x509 to pem

pkcs12 to pem – key only

Use the below command to extract only the key from a pkcs12 certificate.

pkcs12 to pem – certificate only

Use the below command to extract only the public certificate from a pkcs12 certificate.

Check a private key

You can check a private key with the below command.

Check a certificate

Use the below command to check a certificate.

 


Related posts:


Leave a Reply

Visit our advertisers

Search

Quick Poll

Which type of virtualisation do you use?
  • Add your answer

Visit our advertisers