Openssl commands

Following openssl commands help you to manage ssl when there is no control panel (such as cpanel) for the server. Such commands may be used in plain linux server.

a) How to generate a new private key and Certificate Signing Request
openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout privateKey.key

b) Generate a self-signed certificate
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout privateKey.key -out certificate.crt

c) Generate a certificate signing request (CSR) for an existing private key
openssl req -out CSR.csr -key privateKey.key -new

d) Generate a certificate signing request based on an existing certificate
openssl x509 -x509toreq -in certificate.crt -out CSR.csr -signkey privateKey.key

e) Remove a passphrase from a private key
openssl rsa -in privateKey.pem -out newPrivateKey.pem

f) Check a Certificate Signing Request (CSR)
openssl req -text -noout -verify -in CSR.csr

g) Check a private key
openssl rsa -in privateKey.key -check

h) Check a certificate
openssl x509 -in certificate.crt -text -noout

i )Check an MD5 hash of the public key to ensure that it matches with what is in a CSR or private key
openssl x509 -noout -modulus -in certificate.crt | openssl md5
openssl rsa -noout -modulus -in privateKey.key | openssl md5
openssl req -noout -modulus -in CSR.csr | openssl md5

Revisions

There are no revisions for this post.

Tags: , , ,

No comments yet.

Leave a Reply