Dernière version du 21 juillet 2022 à 13:47

Conversion

openssl x509 -outform der -in certificate.pem -out certificate.der

openssl crl2pkcs7 -nocrl -certfile certificate.pem -out certificate.p7b

openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt

openssl x509 -inform der -in certificate.cer -out certificate.pem

openssl pkcs7 -print_certs -in certificate.p7b -out certificate.pem

openssl rsa -noout -text -in <key file>

openssl req -noout -text -in <csr file>

openssl x509 -noout -text -in <crt/pem file>

openssl x509 -noout -modulus -in server.pem | openssl md5 ;\
openssl rsa -noout -modulus -in server.key | openssl md5

openssl x509 -noout -fingerprint -sha1 -inform pem -in <crt/pem file>

openssl x509 -noout -fingerprint -sha256 -inform pem -in <crt/pem file>

@@ Ligne 1 : / Ligne 1 : @@
+[[category:security]]
 =Conversion=
@@ Ligne 16 : / Ligne 18 : @@
 <pre>openssl pkcs7 -print_certs -in certificate.p7b -out certificate.pem</pre>
-=Validity=
+=Validity / Information on a key=
-* D'une clé secrète :
+* Private key :
 <pre>openssl rsa -noout -text -in <key file></pre>
-* D'une requête :
+* Signing request :
-<pre>openssl req -noout -text in <csr file></pre>
+<pre>openssl req -noout -text -in <csr file></pre>
-* D'une clé publique :
+* Public key :
 <pre>openssl x509 -noout -text -in <crt/pem file></pre>
+* Check if public and private key matches :
+<pre>
+openssl x509 -noout -modulus -in server.pem | openssl md5 ;\
+openssl rsa -noout -modulus -in server.key | openssl md5
+</pre>
+=fingerprints=
+* SHA-1
+<pre>openssl x509 -noout -fingerprint -sha1 -inform pem -in <crt/pem file></pre>
+* SHA-256
+<pre>openssl x509 -noout -fingerprint -sha256 -inform pem -in <crt/pem file></pre>