From 53c6ffe4cf39f4ca54b1ca254ea00389730c91f0 Mon Sep 17 00:00:00 2001 From: Peter Tripp Date: Wed, 20 Jan 2016 10:11:47 -0800 Subject: [PATCH 1/3] Shorten OpenSSL to 24 lines. Split keygen and csr to distinct examples. Standardize pathing. Remove commands which are just md5 verifying csr/key/csr. --- pages/common/openssl.md | 34 +++++++++++----------------------- 1 file changed, 11 insertions(+), 23 deletions(-) diff --git a/pages/common/openssl.md b/pages/common/openssl.md index c5dcbf97e..0ce7b4fdb 100644 --- a/pages/common/openssl.md +++ b/pages/common/openssl.md @@ -1,35 +1,23 @@ # openssl -> OpenSSL is a cryptography toolkit. +> OpenSSL cryptographic toolkit. -- Check an SSL connection: +- Generate a 2048bit RSA private key and save it to a file: -`openssl s_client -connect {{domain}}:{{port}}` +`openssl genrsa -out {{filename.key}} 2048` -- Generate new private key and CSR: +- Generate a certificate signing request to be sent to a certificate authority: -`openssl req -out {{path/to/CSR.csr}} -new -newkey rsa:2048 -nodes -keyout {{path/to/pivate.key}}` +`openssl req -new -sha256 -key {{filename.key}} -out {{filename.csr}}` -- Read contents of a certificate: +- Read contents of a signed certificate: -`openssl x509 -text -noout -in {{path/to/certificate.crt}}` +`openssl x509 -text -noout -in {{certificate.crt}}` -- Read contents of a private key: +- Display the certificate presented by an SSL/TLS server: -`openssl rsa -check -in {{path/to/pivate.key}}` +`openssl s_client -connect {{host}}:{{port}} Date: Fri, 22 Jan 2016 14:03:08 -0800 Subject: [PATCH 2/3] Replace viewing a csr example with example for creating a self signed certificate. --- pages/common/openssl.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pages/common/openssl.md b/pages/common/openssl.md index 0ce7b4fdb..aca6a0e66 100644 --- a/pages/common/openssl.md +++ b/pages/common/openssl.md 
@@ -10,9 +10,9 @@ `openssl req -new -sha256 -key {{filename.key}} -out {{filename.csr}}` -- Read contents of a signed certificate: +- Generate a self-signed certificate from a certificate signing request valid for some number of days: -`openssl x509 -text -noout -in {{certificate.crt}}` +`openssl x509 -req -days {{days}} -in {{filename.csr}} -signkey {{filename.key}} -out {{filename.crt}}` - Display the certificate presented by an SSL/TLS server: From f61904c45cfb744293a1a1d96ea1ed4a68077121 Mon Sep 17 00:00:00 2001 From: Peter Tripp Date: Tue, 9 Feb 2016 20:58:44 -0800 Subject: [PATCH 3/3] Consistent host variable. --- pages/common/openssl.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pages/common/openssl.md b/pages/common/openssl.md index aca6a0e66..c38e9b195 100644 --- a/pages/common/openssl.md +++ b/pages/common/openssl.md @@ -20,4 +20,4 @@ - Display the complete certificate chain of an HTTPS server: -`openssl s_client -connect {{google.com}}:{{443}} -showcerts
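Review bot: In [PATCH 1/3], the new key-generation example `openssl genrsa -out {{filename.key}} 2048` writes the private key to disk without a passphrase, and its description does not say so, whereas the removed combined command made that choice explicit with `-nodes`. Suggest either adding "unencrypted" to the description or showing a cipher option such as `-aes256`, so readers make the choice deliberately. Two smaller points: "2048bit" should read "2048-bit", and the subject says "Standardize pathing" while the placeholders go from `{{path/to/certificate.crt}}` to bare `{{certificate.crt}}` and `{{filename.key}}`, which drops the hint that a path is accepted.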
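Review bot: In [PATCH 2/3], the added `openssl x509 -req -days {{days}} -in {{filename.csr}} -signkey {{filename.key}} -out {{filename.crt}}` line leaves the signature digest to whatever the installed OpenSSL defaults to, while the CSR example in the context line just above it pins `-sha256`. Adding `-sha256` here keeps the two examples consistent and makes the result independent of the version's default. The description also reads as though the signing request is what is "valid for some number of days"; something like "Generate a self-signed certificate, valid for a given number of days, from a certificate signing request" removes the ambiguity. Finally, the subject says a "viewing a csr example" is replaced, but the removed line is the `openssl x509 -text -noout` certificate viewer, so the message should say that.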