Openssl: Difference between revisions

Revision as of 18:18, 24 March 2016

openssl req -sha256 -newkey rsa:4096 -nodes -keyout my_server.key -out my_server.csr

openssl x509 -noout -text -in yourcert.cert

The Issuer should be the Certificate Authority. The Subject should represent the organization behind the server.

These commands should match for a certificate/private key pair:

openssl x509 -noout -modulus -in certificate.crt | openssl md5

openssl rsa -noout -modulus -in privateKey.key | openssl md5

@@ Line 1: / Line 1: @@
 {{lowercase title}}
-Read a certificate:
+== Create a Certificate Signing Request (CSR) ==
+<pre>
+openssl req -sha256 -newkey rsa:4096 -nodes -keyout my_server.key -out my_server.csr
+</pre>
+== Read a certificate ==
 <pre>
 openssl x509 -noout -text -in yourcert.cert
@@ Line 7: / Line 12: @@
 The Issuer should be the Certificate Authority.  The Subject should represent the organization behind the server.
+== Check a certificate ==
 These commands should match for a certificate/private key pair:
 <pre>
@@ Line 15: / Line 20: @@
 </pre>
-Additional wisdom here:
+== Additional wisdom here ==
 https://www.digitalocean.com/community/tutorials/openssl-essentials-working-with-ssl-certificates-private-keys-and-csrs
 http://stackoverflow.com/questions/26191463/ssl-error0b080074x509-certificate-routinesx509-check-private-keykey-values