Certificats amb openssl

Crear un pfx a partir d’una clau privada i d’un certificat

openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt

Veure el mòdul d’una clau privada i treure’n el hash

openssl rsa -noout -modulus -in privateKey.key | openssl md5

Veure el contingut d’un certificat

openssl x509 -noout -text -in certificate.crt

Obtenir el certificat d’un servidor

openssl s_client -servername dmb-honsnzp9.authentication.us10.hana.ondemand.com -connect dmb-honsnzp9.authentication.us10.hana.ondemand.com:443 | openssl x509 -text

Obtenir la emprempta (thumbprint) d’un certificat

[SHA256] openssl x509 -noout -fingerprint -sha256 -inform pem -in [certificate-file.crt]
[SHA1] openssl x509 -noout -fingerprint -sha1 -inform pem -in [certificate-file.crt]
[MD5] openssl x509 -noout -fingerprint -md5 -inform pem -in [certificate-file.crt]

Convertir certificat PEM a DER

openssl x509 -outform der -in your-cert.pem -out your-cert.crt

Convertir certificat DER a PEM

openssl x509 -inform der -in CERTIFICATE.der -out CERTIFICATE.pem

Veure contingut certificat DER

openssl x509 -noout -text -inform der -in 03-cf-eu11-hana-ondemand-com.crt

Visites: 408