2,306
edits
Changes
Jump to navigation
Jump to search
Line 24:
Line 24: + + + + + + + + + + + + + + + + + + + + + + + + + + + Line 552:
Line 579: − = Check = − == Check a Certificate Signing Request (CSR) == − openssl req -text -noout -verify -in CSR.csr − − == Check a private key == − openssl rsa -in privateKey.key -check − − == Check a certificate == − openssl x509 -in certificate.crt -text -noout − − == Check a PKCS#12 file (.pfx or .p12) == − openssl pkcs12 -info -in keyStore.p12</nowiki> − − == Check an SSL connection. All the certificates (including Intermediates) should be displayed == − openssl s_client -connect www.paypal.com:443 − − = Convert = − == Convert a DER file (.crt .cer .der) to PEM == − openssl x509 -inform der -in certificate.cer -out certificate.pem − − == Convert a PEM file to DER == − openssl x509 -outform der -in certificate.pem -out certificate.der − == Convert a PKCS#12 file (.pfx .p12) containing a private key and certificates to PEM == − openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes − == Convert a PEM certif icate file and a private key to PKCS#12 (.pfx .p12) == − openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt
no edit summary
Fuente: www.akadia.com/services/ssh_test_certificate.html
Fuente: www.akadia.com/services/ssh_test_certificate.html
= Check =
== Check a Certificate Signing Request (CSR) ==
openssl req -text -noout -verify -in CSR.csr
== Check a private key ==
openssl rsa -in privateKey.key -check
== Check a certificate ==
openssl x509 -in certificate.crt -text -noout
== Check a PKCS#12 file (.pfx or .p12) ==
openssl pkcs12 -info -in keyStore.p12</nowiki>
== Check an SSL connection. All the certificates (including Intermediates) should be displayed ==
openssl s_client -connect www.paypal.com:443
= Convert =
== Convert a DER file (.crt .cer .der) to PEM ==
openssl x509 -inform der -in certificate.cer -out certificate.pem
== Convert a PEM file to DER ==
openssl x509 -outform der -in certificate.pem -out certificate.der
== Convert a PKCS#12 file (.pfx .p12) containing a private key and certificates to PEM ==
openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes
== Convert a PEM certif icate file and a private key to PKCS#12 (.pfx .p12) ==
openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt
== SubjectAltName ==
== SubjectAltName ==
Find your openssl.cnf file. It is likely located in /usr/lib/ssl/openssl.cnf
Find your openssl.cnf file. It is likely located in /usr/lib/ssl/openssl.cnf
openssl x509 -req -days 365 -in hostname.example.com.csr -signkey hostname.example.com.key -out hostname.example.com.crt -extensions v3_req -extfile v3.cnf</nowiki>
openssl x509 -req -days 365 -in hostname.example.com.csr -signkey hostname.example.com.key -out hostname.example.com.crt -extensions v3_req -extfile v3.cnf</nowiki>