-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathopenssl
More file actions
15 lines (11 loc) · 771 Bytes
/
openssl
File metadata and controls
15 lines (11 loc) · 771 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
# Generate self-signed certificate for new private key
openssl req -x509 -newkey rsa:4096 -noenc -keyout key.pem -out cert.pem -days 365 -subj '/CN=localhost'
# Create PKCS12/PFX bundle from certificate and key
openssl pkcs12 -export -in cert.pem -inkey key.pem -certfile chain.pem -out bundle.p12
# Extract certificate and key from PKCS12/PFX
openssl pkcs12 -in bundle.p12 -out cert.pem -clcerts -nokeys
openssl pkcs12 -in bundle.p12 -out key.pem -nocerts [-noenc]
# Get certificate chain from server in PEM format
openssl s_client -showcerts -connect example.org:443 < /dev/null | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'
# Show details of all certificates in chain
openssl crl2pkcs7 -nocrl -certfile chain.pem | openssl pkcs7 -print_certs -noout -text