OpenSSL

OpenSSL (1988) is an open source implementation of the TSL cryptographic protocol, and its now-deprecated predecessor, Secure Sockets Layer (SSL) protocol.

CSR Examples[edit]

Generate a new self signed certificate instead of a Certificate Signing Request (CSR)

openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout private.key -out public.pem

Output a self-signed certificate instead of a certificate request

-nodes (short for no DES) do not encrypt private key

-x509 Output a self-signed certificate instead of a certificate request

Generate a multi domain self signed certificate, read https://serverfault.com/questions/73689/how-to-create-a-multi-domain-self-signed-certificate-for-apache2

Read certificate (CRT)

openssl x509 -text -noout -in root.crt

Read CSR

openssl req -text -noout -in root.csr

Public keys[edit]

Generate a public key from a PEM private key

openssl rsa -in mykey.pem -pubout > mykey.pub

Activities[edit]

Generate a random number: openssl rand -base64 32^[1]
Save remote SSL cert as a file:
- openssl s_client -showcerts -connect YOUR_DOMAIN.COM:443^[2]
- openssl s_client -showcerts -connect YOUR_DOMAIN.COM<:443 </dev/null 2>/dev/null | openssl x509 -outform PEM > mycertfile.pem

Encrypt and decrypt files using openssl enc

Related terms[edit]

ansible-vault encrypt|decrypt|view
ssh-keygen
Cypher
Hash

Vulnerabilities[edit]

See also[edit]

openssl, openssl rand, openssl s_client, openssl req, openssl genrsa, openssl x509, openssl ca, openssl verify
OpenSSL: RSA, ECDSA, WolfSSL, AES, Diffie-Hellman (DH) key-exchange, /etc/ssl/openssl.cnf
OpenSSH (changelog), /etc/ssh/sshd_config, /etc/ssh/ssh_config, ~/.ssh/, openSSL, sshd logs, sftp, scp, authorized_keys, ssh-keyscan, ssh-add, ssh-keygen, ssh, Ssh -O stop
HTTP, HTTP/2, HTTP/3, HTTPS, CSR, TLS, SSL, HSTS, openSSL, WebSockets, WebRTC, ssl_certificate QUIC
encfs
GPG
pbcopy macOS command
secrets: Kubernetes secrets, ansible-vault, Hashicorp Vault
Public-key cryptography: RSA, DSA, ECDSA, EdDSA (Ed25519), AES, RSA Conference, hash, pkeyutl
SSL: OpenSSL, LibreSSL, wolfSSL

Text is available under the Creative Commons Attribution-ShareAlike License; additional terms may apply. By using this site, you agree to the Terms of Use and Privacy Policy.

Source: https://en.wikiversity.org/wiki/OpenSSL

[1] ttps://www.howtogeek.com/howto/30184/10-ways-to-generate-a-random-password-from-the-command-line/

[2] ttps://superuser.com/questions/97201/how-to-save-a-remote-server-ssl-certificate-locally-as-a-file

[1]

[2]

OpenSSL

Contents

CSR Examples[edit]

Public keys[edit]

Activities[edit]

Related terms[edit]

Vulnerabilities[edit]

See also[edit]

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Tools