OpenSSL is a widely used tool to secure data over the internet. It is an open-source tool commonly used by HTTPS websites and has become a standard in its own right.
OpenSSL is available for most Unix-like operating systems (including Linux, macOS, and BSD) and Microsoft Windows.
Below is a list of useful openssl command lines:
Command to generate a Private Key
openssl genrsa -out example.key 2048
Command to generate a Private Key and a Self Signed Certificate
openssl req -x509 -out example.cert -new -newkey rsa:2048 -nodes -keyout example.key
Command to Check your Private Key
openssl rsa -in example.key -check
Command to create a self-signed certificate which is valid for 365 days
openssl req -newkey rsa:2048 -nodes -keyout example.key -x509 -days 365 -out example-selfsignedcertificate.crt
Command to create a CSR from an existing certificate
openssl x509 -x509toreq -in certificate.pem -out CSR.pem -signkey privatekey.pem
Command to generate a CSR if you have already generated a private key
openssl req -new -key example.pem -out example.csr
Command to generate a Private Key and a CSR (Certificate Signing Request)
openssl req -out example.csr -new -newkey rsa:2048 -nodes -keyout example.key
Command to generate a Private Key and a CSR (Certificate Signing Request) with a larger key size (note: openssl req ignores -days unless -x509 is given; the issuing CA sets the certificate's validity period)
openssl req -out example.csr -new -newkey rsa:4096 -nodes -days 730 -keyout example.key
Command to remove a password from a password protected private key
openssl rsa -in example-privatekey.pem -out example-newprivatekey.pem
Decode a CSR file
openssl req -noout -text -in example.csr
Certificate Decoder
openssl x509 -in certificate.pem -text -noout
Check who issued the certificate
openssl x509 -in certificate.pem -noout -issuer -issuer_hash
Check the subject name hash of the certificate
openssl x509 -noout -hash -in certificate.pem
Check contents of PKCS12 format cert
openssl pkcs12 -info -nodes -in certificate.p12
Test SSL certificate of particular URL
openssl s_client -connect domainhospital.com:443 -showcerts
Check Certificate Expiration
openssl x509 -noout -in certificate.pem -dates
Different platforms and devices require SSL certificates to be converted to different formats such as pem, der, p7b, and pfx.
DER to PEM
openssl x509 -inform der -in certificate.der -out certificate.pem
Convert PEM to DER
openssl x509 -outform der -in certificate.pem -out certificate.der
Convert PEM to P7B
openssl crl2pkcs7 -nocrl -certfile certificate.pem -out certificate.p7b
Convert PEM to PFX
openssl pkcs12 -export -out certificate.pfx -inkey privateKey.pem -in certificate.pem
Convert P7B to PEM
openssl pkcs7 -print_certs -in certificate.p7b -out certificate.pem
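Convert P7B to PFX (two steps: extract the certificates to PEM, then export to PFX with the private key)
openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer
openssl pkcs12 -export -in certificate.cer -inkey privateKey.pem -out certificate.pfx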
Convert PFX to PEM
openssl pkcs12 -in certificate.pfx -out certificate.pem -nodes
PKCS12 to PEM
openssl pkcs12 -in certificate.p12 -out certificate.pem
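Checking that a conversion preserved the certificate (an added example, not part of the original list): the script below round-trips a throwaway certificate through DER and PFX and compares SHA-256 fingerprints. The file names, the CN example.test and the password example-only are constructed for the example.

```shell
#!/bin/sh
# Round-trip a certificate PEM -> DER -> PEM and PEM -> PFX -> PEM, then
# confirm via the SHA-256 fingerprint that the certificate is unchanged.
# File names, subject and password are constructed for this example.

fingerprint() {  # $1 = certificate file, $2 = encoding (pem or der)
    openssl x509 -in "$1" -inform "$2" -noout -fingerprint -sha256 | cut -d= -f2
}

roundtrip_check() {
    dir=$(mktemp -d) || return 1
    (
        cd "$dir" || exit 1
        umask 077   # the key below is written unencrypted (-nodes)

        # Throwaway private key and self-signed certificate
        openssl req -x509 -newkey rsa:2048 -nodes -days 365 \
            -subj "/CN=example.test" \
            -keyout example.key -out certificate.pem 2>/dev/null || exit 1
        orig=$(fingerprint certificate.pem pem)

        # PEM -> DER -> PEM
        openssl x509 -outform der -in certificate.pem -out certificate.der || exit 1
        openssl x509 -inform der -in certificate.der -out from-der.pem || exit 1

        # PEM -> PFX, then extract only the certificate back to PEM
        openssl pkcs12 -export -out certificate.pfx -inkey example.key \
            -in certificate.pem -passout pass:example-only || exit 1
        openssl pkcs12 -in certificate.pfx -nokeys -passin pass:example-only \
            -out from-pfx.pem 2>/dev/null || exit 1

        # Every encoding must carry the same certificate
        [ -n "$orig" ] &&
        [ "$orig" = "$(fingerprint certificate.der der)" ] &&
        [ "$orig" = "$(fingerprint from-der.pem pem)" ] &&
        [ "$orig" = "$(fingerprint from-pfx.pem pem)" ]
    )
    rc=$?
    rm -rf "$dir"   # remove the throwaway key and certificates
    return $rc
}

if roundtrip_check; then echo "fingerprints match"; else echo "MISMATCH"; fi
```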