Fulltext results:
- Generate a Test Key @info:cryptography:openssl
- nssl.org/docs/apps/req.html|req]]'': PKCS#10 certificate request and certificate generating utility. * ''[[http://www.openssl.org/docs/apps/req.html#ite... -x509]]'': this option outputs a self signed certificate instead of a certificate request. This is typically used to generate a test certificate or a self
- Debug Server Certificate from Client @info:cryptography:openssl
- ====== Debug Server Certificate from Client ====== Credit for this example goes to "[[http://langui.sh/2009/03/14/checking-a-remote-certificate-chain-with-openssl/| Checking A Remote Certificate Chain With OpenSSL]]" from [[http://langui.sh/... rts|-showcerts]]'': display the whole server certificate chain: normally only the server certificate i
- Download a Server Certificate @info:cryptography:openssl
- ====== Download a Server Certificate ====== First, load the certificate chain from the server: <code bash> openssl s_client -showcerts -connect www... l </code> This will output the whole server certificate chain. Every chertificate ist wrapped between
- Print all certificates in a file @info:cryptography:openssl
- ====== Print all certificates in a file ====== This command is especially helpful if you want to use Tomcat-/Java-Keystore-Certificates with the Apache webserver. Use the -print_certs to print all the certificates and then cut the file and store each certifi
- Print Information about a Key @info:cryptography:openssl
- ww.openssl.org/docs/apps/x509.html|x509]]'': Certificate display and signing utility. * ''[[http://w... x509.html#item__inform|-inform DER]]'': This specifies the input format normally the command will expect an X509 certificate but this can change if other options such as ... t. The DER format is the DER encoding of the certificate and PEM is the base64 encoding of the DER enc
- Compare a Key with its Certificate @info:cryptography:openssl
- ====== Compare a Key with its Certificate ====== Credit for this example goes to "[[https://kb.wisc.e... =4064|Verifying that a Private Key Matches a Certificate]]" from the [[https://kb.wisc.edu/|University... o see if a key ''server.key'' belongs to the certificate ''server.crt'', they need to have the same "m... sl rsa -noout -modulus -in server.key Example: <file> $ openssl x509 -noout -modulus -in server.cer
- Print Information about a Certificate @info:cryptography:openssl
- ====== Print Information about a Certificate ====== openssl x509 -in testkey.crt -noout -text Info... ww.openssl.org/docs/apps/x509.html|x509]]'': Certificate display and signing utility. * ''[[http://w... x509.html#item__in|-in testkey.crt]]'': This specifies the input filename to read a certificate from or standard input if this option is not specified.
- Convert a Key @info:cryptography:openssl
- em -inkey key.pem -out key.p12 ===== Export Certificate from P12 ===== Export the certificate with the complete certificate chain: openssl pkcs12 -in testkey.p12 -out testkey.pem -nokeys Export the certificate only: openssl pkcs12 -in testkey.p12 -out t
- Convert a Certificate @info:cryptography:openssl
- ====== Convert a Certificate ====== ===== Convert DER to PEM ===== openssl x509 -inform der -in te... -outform der -in testkey.pem -out testkey.der {{tag>openssl security cryptography certificate howto}}
- Cryptography
- nemonic for myself, but I'm happy if someone else finds it helpful too. {{indexmenu>.}} {{tag>crypto
- Plaintext
- then get's signed and/or encrypted. Wikipedia defines [[http://en.wikipedia.org/wiki/Plaintext|plain
