Openssl cheatsheet

De Linux Server Wiki
Sauter à la navigation Sauter à la recherche


1 Conversion

1.1 PEM to DER

openssl x509 -outform der -in certificate.pem -out certificate.der

1.2 PEM to PKCS#7/P7B

openssl crl2pkcs7 -nocrl -certfile certificate.pem -out certificate.p7b

1.3 PEM to PKCS#12/PFX

openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt

1.4 DER to PEM

openssl x509 -inform der -in certificate.cer -out certificate.pem

1.5 Convert P7B to PEM

openssl pkcs7 -print_certs -in certificate.p7b -out certificate.pem

2 Validity / Information on a key

  • Private key :
openssl rsa -noout -text -in <key file>
  • Signing request :
openssl req -noout -text in <csr file>
  • Public key :
openssl x509 -noout -text -in <crt/pem file>
  • Check if public and private key matches :
openssl x509 -noout -modulus -in server.pem | openssl md5 ;\
openssl rsa -noout -modulus -in server.key | openssl md5