Skip to main content

openssl summary

openssl is great tool but it is hard to remember its usage ... here is my summary.


PKCS#12 (pfx files)

man page  Wikipedia on PKCS12

Export public key 
openssl pkcs12 -in cert.pfx -clcerts -nokeys -out publicKey.pem

Export private key
openssl pkcs12 -in cert.pfx -nocerts -nodes -out privateKey.pem

X509 (CER files)

man page  Wikipedia on X.509

Dump certificate
openssl x509 -in cert.cer -noout -text

Convert CER to PEM 
openssl x509 -in cert.cer -outform pem -out a.pem

Convert CRL (revocation list file) to PEM format
openssl crl -inform der -in revocationListFile.crl -outform pem -out a.pem

Troublesooting

Try to connect over SSL
opeopenssl s_client -connect server:443

Try to ask OCSP question (check if certificate revoced)
openssl ocsp -issuer caCert.cer -cert certToCheck.cer -text -url ocspServerUrl

Understand value of SSLCipherSuite
openssl ciphers -v 'HIGH:MEDIUM:!aNULL:!MD5'

Comments

esign said…
It is really amazing! So many new things that I even didn't hear about them. Difficult to follow for a not professional, a private individual. The world goes on progressing by innovating and inventing.

Popular posts from this blog

Best freeware - XML editor

As a software developer, I open XML files all the time. I a heavy commercial XML editor. But nothing can compare to a small, thin and free XML editor like 'foxe'. A great feature is has is the alignment of long XML strings to readable XML format (Shift-F8). It help lot of times when the XML file was generated by some tool and was not readable. Homepage: http://www.firstobject.com/dn_editor.htm

Jenkins error: groovy.lang.MissingPropertyException

I tried to run groovy build step and got below error. This post will describe how I solved the problem. Caught: groovy.lang.MissingPropertyException: No such property: hudson for class: script

SSL in pictures

Here is my summary on SSL (or as I like to call it 'SSL for dummies')