Linux‎ > ‎

SSL

View SSL Certificate on Web Server

echo | openssl s_client -connect hostname:443 2>/dev/null |\
sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | openssl x509 -text

View SSL Certificate on FTPS Server

echo | openssl s_client -starttls ftp -connect hostname:21 2>/dev/null |\
sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | openssl x509 -text






Selfsigned(self signed) SSL Cert

openssl genrsa -out hal.compute.info.key 2048 openssl req -new -x509 -days 365 -key hal.compute.info.key -out hal.compute.info.crt

Remove pass phrase (password) from an SSL cert

openssl rsa -in key.pem -out key.pem

EV SSL Cert the cert is p7b. you have to print the 3 certs in it (one real cert the other two are CAs)

openssl pkcs7 -in whomever.tld.cer -print_certs

then make the pfx with the real cert and the key.

openssl pkcs12 -export -in whomever.tld.cer -inkey whomever.tld.key -out whomever.tld.pfx

import the pfx to personal and the two other CAs to intermediate CA. Make sure to delete the expired CAs. Also no CAs should exist in personal. You can import the p7b in intermediate certs but remember to delete the actual cert from the intermediate CA folder.




Comments