https://old.andunix.net/ 2026-04-03T15:38:35+00:00 https://old.andunix.net/ https://old.andunix.net/_media/favicon.ico text/html 2013-02-18T14:26:27+00:00 Anonymous (anonymous@undisclosed.example.com) https://old.andunix.net/info/cryptography/openssl/compare_key_with_certificate Compare a Key with its Certificate Credit for this example goes to “Verifying that a Private Key Matches a Certificate” from the University of Wisconsin Knowledgebase. To see if a key server.key belongs to the certificate server.crt, they need to have the same “modulus” and “exponent”. openssl x509 -noout -text -in server.crt openssl rsa -noout -text -in server.key text/html 2014-04-28T08:07:54+00:00 Anonymous (anonymous@undisclosed.example.com) https://old.andunix.net/info/cryptography/openssl/debug_server_certificate_from_client Debug Server Certificate from Client Credit for this example goes to “ Checking A Remote Certificate Chain With OpenSSL” from langui.sh. openssl s_client -showcerts -connect www.andunix.net:443 Informations about the used arguments from the OpenSSL man page: * s_client: SSL/TLS client program * -showcerts: display the whole server certificate chain: normally only the server certificate itself is displayed. text/html 2014-11-20T08:13:01+00:00 Anonymous (anonymous@undisclosed.example.com) https://old.andunix.net/info/cryptography/openssl/generate_key Generate a Test Key openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout testkey.key -out testkey.crt Informations about the used arguments from the OpenSSL man page: * req: PKCS#10 certificate request and certificate generating utility. * -x509: this option outputs a self signed certificate instead of a certificate request. This is typically used to generate a test certificate or a self signed root CA. The extensions added to the certificate (if any) are specified in the configurati…