From 53c6ffe4cf39f4ca54b1ca254ea00389730c91f0 Mon Sep 17 00:00:00 2001 From: Peter Tripp Date: Wed, 20 Jan 2016 10:11:47 -0800 Subject: [PATCH] Shorten OpenSSL to 24 lines. Split keygen and csr to distinct examples. Standardize pathing. Remove commands which are just md5 verifying csr/key/csr. --- pages/common/openssl.md | 34 +++++++++++----------------------- 1 file changed, 11 insertions(+), 23 deletions(-) diff --git a/pages/common/openssl.md b/pages/common/openssl.md index c5dcbf97e..0ce7b4fdb 100644 --- a/pages/common/openssl.md +++ b/pages/common/openssl.md @@ -1,35 +1,23 @@ # openssl -> OpenSSL is a cryptography toolkit. +> OpenSSL cryptographic toolkit. -- Check an SSL connection: +- Generate a 2048bit RSA private key and save it to a file: -`openssl s_client -connect {{domain}}:{{port}}` +`openssl genrsa -out {{filename.key}} 2048` -- Generate new private key and CSR: +- Generate a certificate signing request to be sent to a certificate authority: -`openssl req -out {{path/to/CSR.csr}} -new -newkey rsa:2048 -nodes -keyout {{path/to/pivate.key}}` +`openssl req -new -sha256 -key {{filename.key}} -out {{filename.csr}}` -- Read contents of a certificate: +- Read contents of a signed certificate: -`openssl x509 -text -noout -in {{path/to/certificate.crt}}` +`openssl x509 -text -noout -in {{certificate.crt}}` -- Read contents of a private key: +- Display the certificate presented by an SSL/TLS server: -`openssl rsa -check -in {{path/to/pivate.key}}` +`openssl s_client -connect {{host}}:{{port}}