Monday, June 25, 2007
Commonly used openssl commands
Here I am giving some of the commonly used openssl commands.
• Generate A Certificate Signing Request
openssl req -new -newkey rsa:1024 -keyout hostkey.pem -nodes -out hostcsr.pem
• Create A Self-Signed Certificate From A Certificate Signing Request
openssl req -x509 -days 365 -in hostcsr.pem -key hostkey.pem -out hostcert.pem
• Generate A Self-Signed Certificate From Scratch
openssl req -x509 -days 365 -newkey rsa:1024 -keyout hostkey.pem -nodes -out hostcert.pem
• Generating a certificate using the ca certificate generated above
openssl x509 -req -in sonycsr\ldapssllocal.pem -CA sonycerts\ca.pem -CAkey sonykeys\cakey.pem -CAcreateserial -out sonycerts\ldapssl.pem -days 1024
• View The Contents Of A Certificate Signing Request
openssl req -text -noout -in hostcsr.pem
• View The Contents Of A Certificate
openssl x509 -text -noout -in hostcert.pem
• View The Signer Of A Certificate
openssl x509 -in cert.pem -noout -issuer -issuer_hash
• Verify A Certificate Matches A Private Key
openssl rsa -in key.pem -noout -modulus
• Find The Hash Value Of A Certificate
openssl x509 -noout -hash -in cert.pem
• Create A Private Key
openssl genrsa -des3 -out key.pem 1024
• Encrypt A Private Key
openssl rsa -des3 -in hostkeyNOPASSWORD.pem -out
• Decrypt A Private Key
openssl rsa -in hostkeySECURE.pem -out hostkeyNOPASSWORD.pem
• Convert PEM Format Certificate To PKCS12 Format Certificate
openssl pkcs12 -export -in cert.pem -inkey key.pem -out cred.p12
• Convert PKCS12 Format Certificate To PEM Format Certificate
openssl pkcs12 -in cred.p12 -out certkey.pem -nodes -clcerts
Sorry, I was inactive on this blog for quite some time but I will try to post on this once again. In this blog I am trying to put some lig...
LDAP directory servers contain information about people: users, employees, customers, partners, and others. Many times, it makes sense to a...
What Are Objectclasses? Objectclasses are prototypes for entries that will actually exist in directory server. The objectclass definition (...
Most Oracle Applications 11i implementations are vulnerable to a significant security weakness in the encryption of passwords within the ap...