Openssl

From Wiki
Jump to navigation Jump to search

Create a Certificate Signing Request (CSR)

openssl req -sha256 -newkey rsa:4096 -nodes -keyout my_server.key -out my_server.csr

Read a certificate

openssl x509 -noout -text -in yourcert.cert

The Issuer should be the Certificate Authority. The Subject should represent the organization behind the server.

Check a certificate

These commands should match for a certificate/private key pair: 

openssl x509 -noout -modulus -in certificate.crt | openssl md5

openssl rsa -noout -modulus -in privateKey.key | openssl md5

InCommon SSL

Download this one: "Certificate only, PEM encoded"

Additional wisdom here

https://www.digitalocean.com/community/tutorials/openssl-essentials-working-with-ssl-certificates-private-keys-and-csrs

http://stackoverflow.com/questions/26191463/ssl-error0b080074x509-certificate-routinesx509-check-private-keykey-values

Retrieved from "https://wiki.scott5.org/index.php?title=Openssl&oldid=1812"