Difference between revisions of "OpenSSL"
Jump to navigation
Jump to search
| Line 37: | Line 37: | ||
* [[Hash]] | * [[Hash]] | ||
* <code>[[openssl (command)]]</code> | * <code>[[openssl (command)]]</code> | ||
| + | * [[OpenSSL v3]] | ||
== Vulnerabilities == | == Vulnerabilities == | ||
Revision as of 19:21, 15 August 2022
OpenSSL (1988) is an open source implementation of the TSL cryptographic protocol, and its now-deprecated predecessor, Secure Sockets Layer (SSL) protocol.
Contents
CSR Examples
- Generate a new self signed certificate instead of a Certificate Signing Request (CSR)
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout private.key -out public.pem- Output a self-signed certificate instead of a certificate request
-nodes(short for no DES) do not encrypt private key-x509Output a self-signed certificate instead of a certificate request
- Output a self-signed certificate instead of a certificate request
- Generate a multi domain self signed certificate, read https://serverfault.com/questions/73689/how-to-create-a-multi-domain-self-signed-certificate-for-apache2
- Read certificate (CRT)
openssl x509 -text -noout -in root.crt
- Read CSR
openssl req -text -noout -in root.csr
Public keys
- Generate a public key from a PEM private key
openssl rsa -in mykey.pem -pubout > mykey.pub
Activities
- Generate a random number:
openssl rand -base64 32[1] - Save remote SSL cert as a file:
openssl s_client -showcerts -connect YOUR_DOMAIN.COM:443[2]openssl s_client -showcerts -connect YOUR_DOMAIN.COM<:443 </dev/null 2>/dev/null | openssl x509 -outform PEM > mycertfile.pem
Related terms
ansible-vault encrypt|decrypt|viewssh-keygen- Cypher
- Hash
openssl (command)- OpenSSL v3
Vulnerabilities
Related
pycryptopython library
See also
openssl[rand | s_client | passwd|openssl req|openssl rsa|openssl genrsa|openssl x509|openssl ca|openssl verify|openssl ec|openssl dgst|openssl pkcs12|openssl asn1parse|openssl help|.cer to .pem, openssl version- OpenSSL: RSA, ECDSA, WolfSSL, AES, Diffie-Hellman (DH) key-exchange,
/etc/ssl/openssl.cnf, OpenSSL v3 - OpenSSH (changelog):
/etc/ssh/sshd_config|/etc/ssh/ssh_config|~/.ssh/|openSSL | sshd logs|sftp|scp|authorized_keys|ssh-keygen|ssh-keyscan|ssh-add|ssh-agent|ssh|Ssh -O stop|ssh-copy-id|CheckHostIP|UseKeychain, OpenSSF - HTTP, HTTP client, HTTP/1.1, HTTP/2, HTTP/3, HTTPS, HSTS CSR, TLS, SSL,
openSSL, WebSockets, WebRTC,ssl_certificateQUIC, HPKP, CT, List of HTTP status codes, URL redirection, Content-type:, Webhook, HTTP headers,--insecure, Axios HTTP client, HTTP cookies, HTTP ETag - Encryption, openssl, ecryptfs, encfs, GPG, PGP, Symantec Encryption Desktop, VeraCrypt, CMEK, BitLocker, OAEP, Cypher
- Secrets: Kubernetes secrets,
ansible-vault, Hashicorp Vault, AWS Secrets Manager, Google Secret Manager,git-crypt, SOPS: Secrets OPerationS, Google Cloud Secret Manager - Public-key cryptography: RSA, DSA, ECDSA, EdDSA (Ed25519), AES, RSA Conference, hash,
pkeyutl, Signature, key length, Easyrsa, OAEP, Ron Rivest, Adi Shamir, Leonard Adleman - SSL: OpenSSL, LibreSSL, wolfSSL, BoringSSL, SSL pinning,
/etc/ssl/certs/,ca-certificates,/etc/ssl/, sslscan2
Text is available under the Creative Commons Attribution-ShareAlike License; additional terms may apply. By using this site, you agree to the Terms of Use and Privacy Policy.
Advertising:
