2015-12-30 15:31:55 +00:00
|
|
|
# openssl
|
|
|
|
|
|
|
|
|
|
> OpenSSL is a cryptography toolkit.
|
|
|
|
|
|
2016-01-18 22:22:33 +00:00
|
|
|
- Check an SSL connection:
|
2015-12-30 15:31:55 +00:00
|
|
|
|
2016-01-05 14:25:38 +00:00
|
|
|
`openssl s_client -connect {{domain}}:{{port}}`
|
2015-12-30 15:31:55 +00:00
|
|
|
|
2016-01-18 22:22:33 +00:00
|
|
|
- Generate new private key and CSR:
|
2015-12-30 15:31:55 +00:00
|
|
|
|
2015-12-30 18:32:23 +00:00
|
|
|
`openssl req -out {{path/to/CSR.csr}} -new -newkey rsa:2048 -nodes -keyout {{path/to/pivate.key}}`
|
2015-12-30 15:31:55 +00:00
|
|
|
|
2016-01-18 22:22:33 +00:00
|
|
|
- Read contents of a certificate:
|
2015-12-30 15:31:55 +00:00
|
|
|
|
2015-12-30 18:32:23 +00:00
|
|
|
`openssl x509 -text -noout -in {{path/to/certificate.crt}}`
|
2016-01-05 14:26:54 +00:00
|
|
|
|
2016-01-18 22:22:33 +00:00
|
|
|
- Read contents of a private key:
|
2016-01-05 14:26:54 +00:00
|
|
|
|
2015-12-30 18:32:23 +00:00
|
|
|
`openssl rsa -check -in {{path/to/pivate.key}}`
|
2016-01-05 14:26:54 +00:00
|
|
|
|
2016-01-18 22:22:33 +00:00
|
|
|
- Verify a CSR file:
|
2016-01-05 14:26:54 +00:00
|
|
|
|
2015-12-30 18:32:23 +00:00
|
|
|
`openssl req -text -noout -verify -in {{path/to/CSR.csr}}`
|
2015-12-30 15:31:55 +00:00
|
|
|
|
2016-01-18 22:22:33 +00:00
|
|
|
- Check MD5 hash of a certificate:
|
2015-12-30 15:31:55 +00:00
|
|
|
|
2015-12-30 18:32:23 +00:00
|
|
|
`openssl x509 -noout -modulus -in {{path/to/certificate.crt}} | openssl md5`
|
2016-01-05 14:26:54 +00:00
|
|
|
|
2016-01-18 22:22:33 +00:00
|
|
|
- Check MD5 hash of a private key:
|
2016-01-05 14:26:54 +00:00
|
|
|
|
2015-12-30 18:32:23 +00:00
|
|
|
`openssl rsa -noout -modulus -in {{path/to/pivate.key}} | openssl md5`
|
2016-01-05 14:26:54 +00:00
|
|
|
|
2016-01-18 22:22:33 +00:00
|
|
|
- Check MD5 hash of a CSR file:
|
2016-01-05 14:26:54 +00:00
|
|
|
|
2015-12-30 18:32:23 +00:00
|
|
|
`openssl req -noout -modulus -in {{path/to/CSR.csr}} | openssl md5`
|
