2025-03-14 21:59:59 -06:00
|
|
|
# openssl
|
|
|
|
|
|
|
|
|
|
> OpenSSL cryptographic toolkit.
|
|
|
|
|
> Some subcommands such as `req` have their own usage documentation.
|
2025-12-16 10:20:31 -07:00
|
|
|
> More information: <https://docs.openssl.org/master/man1/openssl/>.
|
2025-03-14 21:59:59 -06:00
|
|
|
|
2025-12-16 10:20:31 -07:00
|
|
|
- Generate a private key and encrypt the output file using AES256:
|
2025-03-14 21:59:59 -06:00
|
|
|
|
2025-12-16 10:20:31 -07:00
|
|
|
`openssl genpkey -algorithm {{rsa|ec}} -out {{private.key}} -aes256`
|
|
|
|
|
|
|
|
|
|
- Generate the corresponding public key from private key `private.key` using `rsa`:
|
|
|
|
|
|
|
|
|
|
`openssl rsa -in {{private.key}} -pubout -out {{public.key}}`
|
|
|
|
|
|
|
|
|
|
- Generate a self-signed certificate valid for a specified number of days (`365`):
|
|
|
|
|
|
|
|
|
|
`openssl req -new -x509 -key {{private.key}} -out {{certificate.crt}} -days {{365}}`
|
|
|
|
|
|
|
|
|
|
- Convert certificate to `pem` or `der` format:
|
2025-03-14 21:59:59 -06:00
|
|
|
|
2025-12-16 10:20:31 -07:00
|
|
|
`openssl x509 -in {{certificate.crt}} -out {{certificate.pem|certificate.der}} -outform {{pem|der}}`
|
2025-03-14 21:59:59 -06:00
|
|
|
|
2025-12-16 10:20:31 -07:00
|
|
|
- Check certificate details:
|
|
|
|
|
|
|
|
|
|
`openssl x509 -in {{certificate.crt}} -text -noout`
|
|
|
|
|
|
|
|
|
|
- Generate a certificate signing request (CSR):
|
|
|
|
|
|
|
|
|
|
`openssl req -new -key {{private.key}} -out {{request.csr}}`
|
|
|
|
|
|
|
|
|
|
- Display help:
|
|
|
|
|
|
|
|
|
|
`openssl help`
|
2025-03-14 21:59:59 -06:00
|
|
|
|
|
|
|
|
- Display version:
|
|
|
|
|
|
|
|
|
|
`openssl version`
|
