openssl genrsa -des3 -out server.key 2048 openssl req -new -key server.key -out server.csr openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
openssl x509 -noout -modulus -in <file>.crt | openssl md5 openssl rsa -noout -modulus -in <file>.key | openssl md5
Si les 2 commandes ne génèrent pas le meme md5 c'est que le le .key n'est pas celui qui à servi pour générer le .crt.
$ openssl x509 -hash -in ssl/server.crt -noout deb1aaa8
$ openssl x509 -noout -issuer -subject -in google.crt -nameopt multiline issuer= countryName = US organizationName = Google Inc commonName = Google Internet Authority G2 subject= countryName = US stateOrProvinceName = California localityName = Mountain View organizationName = Google Inc commonName = google.com
openssl verify ssl/server.crt
$ openssl verify -CAfile ssl/ca.crt ssl/server.crt ssl/server.crt: OK
openssl req -noout -text -in keys/server.csr
openssl x509 -noout -text -in <file>.crt
openssl x509 -noout -text -in nnn -inform DER
openssl x509 -fingerprint -noout -in client.crt
openssl x509 -in input.crt -inform PEM –out output.crt -outform DER
openssl rsa -in input.key -inform PEM -out output.key -outform DER
openssl x509 -in input.crt -inform DER -out output.crt -outform PEM
openssl rsa -in input.key -inform DER -out output.key -outform PEM
openssl s_client -showcerts -connect www.google.com:443 openssl s_client -port 443 -host www.google.com
openssl s_client -connect 127.0.0.1:9999
openssl smime -sign -in message -out signed-message \ -signer /path/to/your/certificate.pem \ -inkey /path/to/your/secret-key.pem -text
openssl smime -encrypt -out encrypted-signed-message \ -in signed-message /path/to/intended-operators/certificate.pem
openssl smime -decrypt -in encrypted-signed-message \ -out received-msg \ -recip /path/to/operators/certificate.pem \ -inkey /path/to/operators/private-key.pem
$ tar -zcf - directory | openssl aes-128-cbc -salt -out directory.tar.gz.aes # Encrypt $ openssl aes-128-cbc -d -salt -in directory.tar.gz.aes | tar -xz -f - # Decrypt
$ openssl aes-128-cbc -salt -in file -out file.aes $ openssl aes-128-cbc -d -salt -in file.aes -out file
openssl smime -verify -text -CApath /global/globus/share/certificates \ -in received-msg