SSL

OpenSSL Commands

realworlditComments Off on OpenSSL Commands

It can be useful to check a certificate and key before applying them to a server. The following commands verify the certificate, key and CSR (Certificate Signing Request).

To check the certificate

openssl x509 -in website.cert -text -noout

To check a key

openssl rsa -in website.key -check

To check the CSR

openssl req -text -noout -verify -in website.csr

To check the md5 checksums match of the certificate, key and csr; the checksums can be compared to verify. It will print out the checksum, as long as they are all the same you know you are good.

openssl x509 -noout -modules -in website.cert | openssl md5
openssl rsa -noout -modulus -in website.key | openssl md5
openssl req -noout -modulus -in website.csr | openssl md5

Or you can use these commands

openssl pkey -pubout -in website.key | openssl sha256
openssl req -pubkey -in website.csr -noout | openssl sha256
openssl x509 -pubkey -in website.cer -noout | openssl sha256

This command shows the certificate and all the information about it

openssl s_client -connect www.website.com:443 2>/dev/null

This command shows the fingerprint

openssl s_client -connect www.website.com:443 2>/dev/null | openssl x509 -noout -fingerprint

This command shows other information about it, like the validity and SAN

openssl s_client -connect www.website.com:443 2>/dev/null | openssl x509 -noout -text

This command shows the certificate itself encoded

openssl s_client -connect www.website.com:443 2>/dev/null | openssl x509

This command shows the expiration date 

openssl s_client -connect www.website.com:443 2>/dev/null | openssl x509 -noout -dates

Related Articles
Git

Git – Add a forked repo branch to the upstream repo

realworldit

If you have a forked repo and need to do a merge request/ pull request to the upstream repo but you don’t have permissions to run the MR/PR pipelines and don’t have any pipelines in the forked repo. Then the solution is to bring the forked repo into the upstream repo as a branch and […]
Azure PowerShell Terraform

Create an Azure Service Principal for Terraform

realworldit

To use Azure and Terraform together you need a way to authenticate against the Azure Tenant. Like you do as a user, applications need a way to do the same. But instead of creating a user account, we create a Service Principal account. To do this we need to register an application in Azure Active Directory. […]
Azure

finding the right Azure Virtual Machine Extension

realworldit

Azure virtual machine (VM) extensions are small applications that provide post-deployment configuration and automation tasks on Azure VMs. For example, if a virtual machine requires software installation, anti-virus protection, or to run a script inside of it, a VM extension can be used. The command below can be used to find the extension you are after.