OpenSSL Cheat Sheet: 12 Common OpenSSL Commands

Posted on by
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

OpenSSL is an open-source software library and a powerful command-line tool for cryptography, encryption, and secure connections.

Despite some imperfections, OpenSSL remains a very popular tool for developers and administrators. OpenSSL users commonly use it for key generation and SSL certificate format conversion.

In this OpenSSL cheat sheet, we’ll take a look at the most common OpenSSL commands that are used worldwide.

OpenSSL common commands

OpenSSL Commands for Code Signing Request (CSR), Private Key, Self-signed Certificate Generation.

Generating a CSR and private key (generated without a passphrase)

openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout privateKey.key

Generating a CSR for an existing Private Key

openssl req -out CSR.csr -key privateKey.key -new

Generating a CSR based on an existing certificate

openssl x509 -x509toreq -in certificate.crt -out CSR.csr -signkey privateKey.key

Removing a password from a Private key

openssl rsa -in privateKey.pem -out newPrivateKey.pem

To generate a self-signed certificate

openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout certificate.key -out privateKey.crt

OpenSSL Commands to Display Iinformation About an Existing CSR, Private Key, or Certificate.

To check a CSR

openssl req -text -noout -verify -in CSR.csr

To check a private key

openssl rsa -in privateKey.key -check

To check a certificate

openssl x509 -in certificate.crt -text -noout

OpenSSL Commands for Certificate File Format Conversion

DER to PEM

openssl x509 -inform der -in certificate.cer -out certificate.pem

PEM file to DER

openssl x509 -outform der -in certificate.pem -out certificate.der

PEM to PKCS#12 (.pfx .p12)

openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt

PKCS#12 file (.pfx .p12) to PEM

openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes

You can find multiple online tools that can be used for the same encryption purposes, but OpenSSL remains the industry standard tool, ensuring the possibility for anyone getting access to privacy and secure communication.

Related posts:

  1. SNI on Apache: How to Host Multiple SSL Certificates on a Single IP Address
  2. Differences Between .CER and .CRT
  3. From CRT to PEM: A Simple Guide to SSL File Conversions
  4. How Do I Find My Comodo SSL Certificate Private Key?
  5. How to Install a Wildcard SSL Certificate on IIS 7 and IIS 8
  6. What is a SAN Certificate and How Does SAN SSL Work to Secure My Site?
  7. How to Install a Wildcard SSL certificate on NGINX
  8. HostGator Wildcard SSL: How to Install a Wildcard SSL Certificate on HostGator