2015-12-30 16:31:55 +01:00
|
|
|
# openssl
|
|
|
|
|
|
|
|
|
|
> OpenSSL is a cryptography toolkit.
|
|
|
|
|
|
2016-01-18 23:22:33 +01:00
|
|
|
- Check an SSL connection:
|
2015-12-30 16:31:55 +01:00
|
|
|
|
2016-01-05 15:25:38 +01:00
|
|
|
`openssl s_client -connect {{domain}}:{{port}}`
|
2015-12-30 16:31:55 +01:00
|
|
|
|
2016-01-18 23:22:33 +01:00
|
|
|
- Generate new private key and CSR:
|
2015-12-30 16:31:55 +01:00
|
|
|
|
2015-12-30 19:32:23 +01:00
|
|
|
`openssl req -out {{path/to/CSR.csr}} -new -newkey rsa:2048 -nodes -keyout {{path/to/pivate.key}}`
|
2015-12-30 16:31:55 +01:00
|
|
|
|
2016-01-18 23:22:33 +01:00
|
|
|
- Read contents of a certificate:
|
2015-12-30 16:31:55 +01:00
|
|
|
|
2015-12-30 19:32:23 +01:00
|
|
|
`openssl x509 -text -noout -in {{path/to/certificate.crt}}`
|
2016-01-05 15:26:54 +01:00
|
|
|
|
2016-01-18 23:22:33 +01:00
|
|
|
- Read contents of a private key:
|
2016-01-05 15:26:54 +01:00
|
|
|
|
2015-12-30 19:32:23 +01:00
|
|
|
`openssl rsa -check -in {{path/to/pivate.key}}`
|
2016-01-05 15:26:54 +01:00
|
|
|
|
2016-01-18 23:22:33 +01:00
|
|
|
- Verify a CSR file:
|
2016-01-05 15:26:54 +01:00
|
|
|
|
2015-12-30 19:32:23 +01:00
|
|
|
`openssl req -text -noout -verify -in {{path/to/CSR.csr}}`
|
2015-12-30 16:31:55 +01:00
|
|
|
|
2016-01-18 23:22:33 +01:00
|
|
|
- Check MD5 hash of a certificate:
|
2015-12-30 16:31:55 +01:00
|
|
|
|
2015-12-30 19:32:23 +01:00
|
|
|
`openssl x509 -noout -modulus -in {{path/to/certificate.crt}} | openssl md5`
|
2016-01-05 15:26:54 +01:00
|
|
|
|
2016-01-18 23:22:33 +01:00
|
|
|
- Check MD5 hash of a private key:
|
2016-01-05 15:26:54 +01:00
|
|
|
|
2015-12-30 19:32:23 +01:00
|
|
|
`openssl rsa -noout -modulus -in {{path/to/pivate.key}} | openssl md5`
|
2016-01-05 15:26:54 +01:00
|
|
|
|
2016-01-18 23:22:33 +01:00
|
|
|
- Check MD5 hash of a CSR file:
|
2016-01-05 15:26:54 +01:00
|
|
|
|
2015-12-30 19:32:23 +01:00
|
|
|
`openssl req -noout -modulus -in {{path/to/CSR.csr}} | openssl md5`
|
