ctome
/
tldr
mirror of https://github.com/CrimsonTome/tldr.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

openssl: add subcommand pages (#4886)

beep
Mat 2020-10-28 20:03:16 +01:00 committed by GitHub
parent c84a806560
commit 5819677893
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 54 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
pages/common/openssl-req.md Normal file
View File

@ -0,0 +1,12 @@
# openssl req
> OpenSSL command to manage PKCS#10 Certificate Signing Requests.
> More information: <https://www.openssl.org/docs/manmaster/man1/openssl-req.html>.
- Generate a certificate signing request to be sent to a certificate authority:
`openssl req -new -sha256 -key {{filename.key}} -out {{filename.csr}}`
- Generate a selfsigned certificate and a corresponding keypair, storing both in a file:
`openssl req -new -x509 -newkey {{rsa}}:{{4096}} -keyout {{filename.key}} -out {{filename.cert}} -subj "{{/C=XX/CN=foobar}}" -days {{365}}`

16
pages/common/openssl-s_client.md Normal file
View File

@ -0,0 +1,16 @@
# openssl s_client
> OpenSSL command to create TLS client connections.
> More information: <https://www.openssl.org/docs/manmaster/man1/openssl-s_client.html>.
- Display the start and expiry dates for a domain's certificate:
`openssl s_client -connect {{host}}:{{port}} 2>/dev/null | openssl x509 -noout -dates`
- Display the certificate presented by an SSL/TLS server:
`openssl s_client -connect {{host}}:{{port}} </dev/null`
- Display the complete certificate chain of an HTTPS server:
`openssl s_client -connect {{host}}:443 -showcerts </dev/null`

20
pages/common/openssl-x509.md Normal file
View File

@ -0,0 +1,20 @@
# openssl x509
> OpenSSL command to manage X.509 certificates.
> More information: <https://www.openssl.org/docs/manmaster/man1/openssl-x509.html>.
- Display certificate information:
`openssl x509 -in {{filename.crt}} -noout -text`
- Display a certificate's expiration date:
`openssl x509 -enddate -noout -in {{filename.pem}}`
- Convert a certificate between binary DER encoding and textual PEM encoding:
`openssl x509 -inform {{der}} -outform {{pem}} -in {{original_certificate_file}} -out {{converted_certificate_file}}`
- Store a certificate's public key in a file:
`openssl x509 -in {{certificate_file}} -noout -pubkey -out {{output_file}}`

32
pages/common/openssl.md
View File

@ -3,34 +3,14 @@
> OpenSSL cryptographic toolkit.
> More information: <https://www.openssl.org>.
- Generate a 2048bit RSA private key and save it to a file:
- Print a list of available subcommands:
`openssl genrsa -out {{filename.key}} 2048`
`openssl help`
- Generate a certificate signing request to be sent to a certificate authority:
- Print options for a specific subcommand:
`openssl req -new -sha256 -key {{filename.key}} -out {{filename.csr}}`
`openssl help {{x509}}`
- Generate a self-signed certificate from a certificate signing request valid for some number of days:
- Print the version of OpenSSL:
`openssl x509 -req -days {{days}} -in {{filename.csr}} -signkey {{filename.key}} -out {{filename.crt}}`
- Display certificate information:
`openssl x509 -in {{filename.crt}} -noout -text`
- Display a certificate's expiration date:
`openssl x509 -enddate -noout -in {{filename.pem}}`
- Display the start and expiry dates for a domain's certificate:
`openssl s_client -connect {{host}}:{{port}} 2>/dev/null | openssl x509 -noout -dates`
- Display the certificate presented by an SSL/TLS server:
`openssl s_client -connect {{host}}:{{port}} </dev/null`
- Display the complete certificate chain of an HTTPS server:
`openssl s_client -connect {{host}}:443 -showcerts </dev/null`
`openssl version`