Handy OpenSSL Commands

To convert a certificate from PEM to DER:
  • openssl x509 -in cert.txt -inform PEM -out cert.bin -outform DER
To convert a certificate from DER to PEM:
  • openssl x509 -in cert.bin -inform DER -out cert.txt -outform PEM
To convert a key from PEM to DER:
  • openssl rsa -in key.txt -inform PEM -out key.bin -outform DER
To convert a key from DER to PEM:
  • openssl rsa -in key.bin -inform DER -out key.txt -outform PEM
Convert a PEM+KEY to PKCS12:
  • openssl pkcs12 -export -out client.pfx -inkey keyfile.txt -in cert.txt -certfile root.txt
Extract Private Key from PKCS12:
  • openssl pkcs12 -in client.pfx -nocerts -out keyfile.txt
Extract Public Cert from PKCS12:
  • openssl pkcs12 -in client.pfx -clcerts -nokeys -out cert.txt
Remove Password from Private Key:
  • openssl rsa -in keyfile.txt -out unpassworded.txt
Generate a client key:
  • openssl genrsa -out client.key 4096
Build a certificate request:
  • openssl req -key client.key -new -out client.req
Build a certificate request (advanced):
  • openssl req -new -newkey rsa:2048 -nodes -keyout key.txt -out certreq.txt -days 3650
Display Certificate Details:
  • openssl x509 -text -in cert.txt
Test a SSL Host w/certificate:
  • openssl s_client -connect your.ssl.site:443 -CApath c:\rootcerts -cert test.cer -key test.key


Thanks to the following internet sources for their contributions to this document


Comments

Popular posts from this blog

Getting Started with GitHub and Visual Studio 2017

that new old thing: a date2num implementation in vb.net

Installing OTRS 4.0 on Ubuntu Linux 14.04 with a MSSQL Backend