
OpenSSL command line syntax

Reads a certificate:
    openssl x509 -text -in certif.crt [-noout]

Reads a Certificate Signing Request:
    openssl req -text -in request.csr [-noout]

Generates a Certificate Signing Request for the public key of a key pair:
    openssl req -new -key private.key -out request.csr

Generates a Certificate Signing Request after creating a new key pair:
    openssl req -new -nodes -keyout newprivate.key -out request.csr

Signs a certificate:
    openssl ca -config ca.conf -in request.csr -out certif.cer -days validity [-verbose]

Revokes a certificate:
    openssl ca -config ca.conf -gencrl -revoke certif.cer -crl_reason why

Generates a Certificate Revocation List containing all revoked certificates so far:
    openssl ca -config ca.conf -gencrl -out crlist.crl

Converts a certificate from PEM to DER:
    openssl x509 -in certif.pem -outform DER -out certif.der

Converts a certificate from PEM to PKCS#12 including the private key:
    openssl pkcs12 -export -in certif.pem -inkey private.key -out certif.pfx [-name friendlyname]

Generates the digest of a file:
    openssl dgst -hashfunction -out file.hash file

Verifies the digest of a file (pipes the result to the Unix command cmp; if no output, digest verification is successful):
    openssl dgst -hashfunction file | cmp -b file.hash

Generates the signature of a file:
    openssl dgst -hashfunction -sign private.key -out file.sig file

Verifies the signature of a file:
    openssl dgst -hashfunction -verify public.key -signature file.sig file

Encrypts a file:
    openssl enc -e -cipher -in file -out file.enc [-salt]

Decrypts a file:
    openssl enc -d -cipher -in file.enc -out file

Generates a 2048-bit RSA key pair protected by TripleDES passphrase:
    openssl genpkey -algorithm RSA -cipher 3des -pkeyopt rsa_keygen_bits:2048 -out key.pem
    (for older versions of OpenSSL, use instead the command openssl genrsa -des3 -out key.pem 2048)

Examines a private key:
    openssl pkey -text -in private.key [-noout]
    (for older versions of OpenSSL, use rsa instead of pkey)

Changes a private key's passphrase:
    openssl pkey -in old.key -out new.key -cipher
    (for older versions of OpenSSL, use rsa instead of pkey)

Retrieves a certificate from a website and inspects it:
    openssl s_client -connect www.website.com:443 > tmpfile
    (hit Ctrl-C)
    openssl x509 -in tmpfile -text

Lists the available hashfunctions:
    openssl list-message-digest-commands
    (for OpenSSL 1.1.0 and later, use openssl list -digest-commands)

Lists the available ciphers:
    openssl list-cipher-commands
    (for OpenSSL 1.1.0 and later, use openssl list -cipher-commands)

Recommended options are included within square brackets.

by Daniele Raffo, www.crans.org/~raffo, v1.5, 25/7/2009
