https://old.andunix.net/ 2026-06-03T23:08:00+00:00 https://old.andunix.net/ https://old.andunix.net/_media/favicon.ico text/html 2014-11-20T08:13:01+00:00 Anonymous (anonymous@undisclosed.example.com) https://old.andunix.net/info/cryptography/openssl/generate_key Generate a Test Key openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout testkey.key -out testkey.crt Informations about the used arguments from the OpenSSL man page: * req: PKCS#10 certificate request and certificate generating utility. * -x509: this option outputs a self signed certificate instead of a certificate request. This is typically used to generate a test certificate or a self signed root CA. The extensions added to the certificate (if any) are specified in the configurati… text/html 2015-01-29T09:15:22+00:00 Anonymous (anonymous@undisclosed.example.com) https://old.andunix.net/info/cryptography/openssl/print_key Print Information about a Key openssl x509 -inform DER -in testkey.cer -noout -text Informations about the used arguments from the OpenSSL man page: * x509: Certificate display and signing utility. * -inform DER: This specifies the input format normally the command will expect an X509 certificate but this can change if other options such as -req are present. The DER format is the DER encoding of the certificate and PEM is the base64 encoding of the DER encoding with header and footer lines … text/html 2013-02-18T14:27:02+00:00 Anonymous (anonymous@undisclosed.example.com) https://old.andunix.net/info/cryptography/openssl/print_all_certificates_in_a_file Print all certificates in a file This command is especially helpful if you want to use Tomcat-/Java-Keystore-Certificates with the Apache webserver. Use the -print_certs to print all the certificates and then cut the file and store each certificate in a single file. text/html 2015-12-09T07:36:40+00:00 Anonymous (anonymous@undisclosed.example.com) https://old.andunix.net/info/cryptography/openssl/print_certificate Print Information about a Certificate openssl x509 -in testkey.crt -noout -text Informations about the used arguments from the OpenSSL man page: * x509: Certificate display and signing utility. * -in testkey.crt: This specifies the input filename to read a certificate from or standard input if this option is not specified. text/html 2014-04-28T08:07:54+00:00 Anonymous (anonymous@undisclosed.example.com) https://old.andunix.net/info/cryptography/openssl/debug_server_certificate_from_client Debug Server Certificate from Client Credit for this example goes to “ Checking A Remote Certificate Chain With OpenSSL” from langui.sh. openssl s_client -showcerts -connect www.andunix.net:443 Informations about the used arguments from the OpenSSL man page: * s_client: SSL/TLS client program * -showcerts: display the whole server certificate chain: normally only the server certificate itself is displayed. text/html 2015-02-11T14:42:38+00:00 Anonymous (anonymous@undisclosed.example.com) https://old.andunix.net/info/cryptography/openssl/download_server_certificate Download a Server Certificate First, load the certificate chain from the server: openssl s_client -showcerts -connect www.example.org:443 </dev/null This will output the whole server certificate chain. Every chertificate ist wrapped between ----- text/html 2013-02-04T22:17:20+00:00 Anonymous (anonymous@undisclosed.example.com) https://old.andunix.net/info/cryptography/plaintext Plaintext The plaintext is unencrypted and unsigned text. It's the payload which then get's signed and/or encrypted. Wikipedia defines plaintext as: " In cryptography, plaintext is information a sender wishes to transmit to a receiver. Cleartext is often used as a synonym. Before the computer era, plaintext most commonly meant message text in the language of the communicating parties. Plaintext has reference to the operation of cryptographic algorithms, usually encryption algorithms, and is …