2015-12-30 16:31:55 +01:00
|
|
|
# openssl
|
|
|
|
|
|
|
|
> OpenSSL is a cryptography toolkit.
|
|
|
|
|
|
|
|
- Check an SSL connection
|
|
|
|
|
2016-01-05 15:25:38 +01:00
|
|
|
`openssl s_client -connect {{domain}}:{{port}}`
|
2015-12-30 16:31:55 +01:00
|
|
|
|
|
|
|
- Generate new private key and CSR
|
|
|
|
|
2015-12-30 19:32:23 +01:00
|
|
|
`openssl req -out {{path/to/CSR.csr}} -new -newkey rsa:2048 -nodes -keyout {{path/to/pivate.key}}`
|
2015-12-30 16:31:55 +01:00
|
|
|
|
|
|
|
- Read contents of certificate, private key and CSR file
|
|
|
|
|
2015-12-30 19:32:23 +01:00
|
|
|
`openssl x509 -text -noout -in {{path/to/certificate.crt}}`
|
|
|
|
`openssl rsa -check -in {{path/to/pivate.key}}`
|
|
|
|
`openssl req -text -noout -verify -in {{path/to/CSR.csr}}`
|
2015-12-30 16:31:55 +01:00
|
|
|
|
|
|
|
- Check if certificate, private key and CSR have the same MD5 hash
|
|
|
|
|
2015-12-30 19:32:23 +01:00
|
|
|
`openssl x509 -noout -modulus -in {{path/to/certificate.crt}} | openssl md5`
|
|
|
|
`openssl rsa -noout -modulus -in {{path/to/pivate.key}} | openssl md5`
|
|
|
|
`openssl req -noout -modulus -in {{path/to/CSR.csr}} | openssl md5`
|