openssl x509 -in cert.crt -text -noout |
# Generate SSL private key self signed certificate for 10 years openssl req -x509 -newkey rsa:4096 -sha256 -keyout server.key -out cert.crt -days 3650 -nodes |
openssl req -out server.csr -new -sha256 -newkey rsa:4096 -nodes -keyout server.key cat server.csr |
than submit CSR to CA
openssl req -new -key server.key -out server.csr |
openssl req -new -key server.key -out server.csr -subj "/C=UA/ST=Kyiv/L=Kyiv/O=Company Name/OU=Department name/CN=example.com" -passin pass:password -passout pass:password |
openssl req -text -noout -verify -in server.csr |
# see the certificate openssl x509 -in cert.crt -text -noout # combine certificate and key in pem keypair file cat server.key server.crt > keypair.pem |
openssl s_client -connect server.example.com:443 |
openssl pkcs12 -in key-with-password.p12 -passin pass:password -out key-with-password.pem |
openssl rsa -in key-with-password.pem -out key.pem |