« Openssl cheatsheet » : différence entre les versions
Aller à la navigation
Aller à la recherche
(2 versions intermédiaires par le même utilisateur non affichées) | |||
Ligne 22 : | Ligne 22 : | ||
<pre>openssl rsa -noout -text -in <key file></pre> | <pre>openssl rsa -noout -text -in <key file></pre> | ||
* Signing request : | * Signing request : | ||
<pre>openssl req -noout -text in <csr file></pre> | <pre>openssl req -noout -text -in <csr file></pre> | ||
* Public key : | * Public key : | ||
<pre>openssl x509 -noout -text -in <crt/pem file></pre> | <pre>openssl x509 -noout -text -in <crt/pem file></pre> | ||
* Check if public | * Check if public and private key matches : | ||
<pre> | <pre> | ||
openssl x509 -noout -modulus -in server.pem | openssl md5 ;\ | openssl x509 -noout -modulus -in server.pem | openssl md5 ;\ | ||
openssl rsa -noout -modulus -in server.key | openssl md5 | openssl rsa -noout -modulus -in server.key | openssl md5 | ||
</pre> | </pre> | ||
=fingerprints= | |||
* SHA-1 | |||
<pre>openssl x509 -noout -fingerprint -sha1 -inform pem -in <crt/pem file></pre> | |||
* SHA-256 | |||
<pre>openssl x509 -noout -fingerprint -sha256 -inform pem -in <crt/pem file></pre> |
Dernière version du 21 juillet 2022 à 12:47
Conversion
PEM to DER
openssl x509 -outform der -in certificate.pem -out certificate.der
PEM to PKCS#7/P7B
openssl crl2pkcs7 -nocrl -certfile certificate.pem -out certificate.p7b
PEM to PKCS#12/PFX
openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt
DER to PEM
openssl x509 -inform der -in certificate.cer -out certificate.pem
Convert P7B to PEM
openssl pkcs7 -print_certs -in certificate.p7b -out certificate.pem
Validity / Information on a key
- Private key :
openssl rsa -noout -text -in <key file>
- Signing request :
openssl req -noout -text -in <csr file>
- Public key :
openssl x509 -noout -text -in <crt/pem file>
- Check if public and private key matches :
openssl x509 -noout -modulus -in server.pem | openssl md5 ;\ openssl rsa -noout -modulus -in server.key | openssl md5
fingerprints
- SHA-1
openssl x509 -noout -fingerprint -sha1 -inform pem -in <crt/pem file>
- SHA-256
openssl x509 -noout -fingerprint -sha256 -inform pem -in <crt/pem file>