Go to Qiita Advent Calendar 2024 Top
LoginSignup
0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?

More than 3 years have passed since last update.

@toripiyo

openssl

Last updated at Posted at 2018-09-27

command

hash

sha256

  • calculate that data's sha256 value.
openssl sha256 <file_path>

certificate

check certificate information

  • If SNI(Server Name Indication) is used, '-servername' option is needed. If not, routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error error might be appeared.
_domain='target domain name'
openssl s_client -connect ${_domain}:443 -showcerts -servername ${_domain}

check certificate and key pair

# key
openssl rsa -noout -modulus -in <key_file> | openssl md5

# certificate
openssl x509 -noout -modulus -in <cert_file> | openssl md5

show certificate contents

  • cer extension
openssl x509 -inform der -noout -text -in <cerficiate>.cer

download remote host's server certificate chain

  • showcerts: display the whole server certificate chain
_domain='www.feistyduck.com'
echo | openssl s_client -showcerts -connect ${_domain}:443  -servername ${_domain} 2>&1 | sed -n '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > ${_domain}

show bundled certificate chain

openssl crl2pkcs7 -nocrl -certfile <bundled_file> | openssl pkcs7 -print_certs -text -noout

random

  • generate 48 random characters
openssl rand -base64 48

performance

  • check openssl performance
openssl speed -multi 2 aes
0
0
0

Register as a new user and use Qiita more conveniently

  1. You get articles that match your needs
  2. You can efficiently read back useful information
  3. You can use dark theme
What you can do with signing up
Sign upLogin
0
0

Delete article

Deleted articles cannot be recovered.

Draft of this article would be also deleted.

Are you sure you want to delete this article?