Openssl

From WikiWiki
Jump to navigation Jump to search

Some usefull Openssl commands


Comment Command
Convert pem (base64 certfiles) to pfx openssl pkcs12 -inkey privatekey.pem -in publiccert.pem -export -out output.pfx
remove passphrase from private key file openssl rsa -in EncryptedPrivateKey.pem -out PrivateKey.pem
convert private key to aes192 encrypted private key openssl rsa -in file.key -out aes192.key -aes192
match public and private key

openssl x509 -in cert.crt -text -noout -modulus

openssl rsa -in file.key -check -modulus

manually match moduli

read and verify private key openssl rsa -in file.key -text -check

View

View PEM encoded certificate

Use the command that has the extension of your certificate replacing cert.xxx with the name of your certificate

If you get the folowing error it means that you are trying to view a DER encoded certifciate and need to use the commands in the “View DER encoded certificate below”

View DER encoded Certificate

If you get the following error it means that you are trying to view a PEM encoded certificate with a command meant for DER encoded certs. Use a command in the “View PEM encoded certificate above


openssl.cnf: http://web.mit.edu/crypto/openssl.cnf

Transform

Transforms can take one type of encoded certificate to another. (ie. PEM To DER conversion)

PEM to DER

DER to PEM

https://support.ssl.com/Knowledgebase/Article/View/19/0/der-vs-crt-vs-cer-vs-pem-certificates-and-how-to-convert-them https://www.sslshopper.com/ssl-converter.html


create