antonini · April 20, 2017 12:59 · Jan 10, 2017 · Jan 8, 2017 · Apr 1, 2016 · Apr 1, 2016
diff --git a/openssl_commands.md b/openssl_commands.md
@@ -64,6 +64,13 @@ Check a private key
 openssl rsa -in server.key -check
 ```
 
+Check a public key
+
+```sh
+openssl rsa -inform PEM -pubin -in pub.key -text -noout
+openssl pkey -inform PEM -pubin -in pub.key -text -noout
+```
+
 Check a certificate
 
 ```sh

diff --git a/openssl_commands.md b/openssl_commands.md
@@ -1,110 +1,116 @@
-#openssl
+# openssl
 
-###Install
+### Install
 
 Install the OpenSSL on Debian based systems
 
-```bash
+```sh
 sudo apt-get install openssl
 ```
 
-###Commands
+### Commands
 
 Create a private key
 
-```bash
+```sh
 openssl genrsa -out server.key 4096
 ```
 
 Generate a new private key and certificate signing request
 
-```bash
+```sh
 openssl req -out server.csr -new -newkey rsa:4096 -nodes -keyout server.key
 ```
 
 Generate a self-signed certificate
 
-```bash
+```sh
 openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:4096 -keyout server.key -out server.crt
 ```
 
 Generate a certificate signing request (CSR) for an existing private key
 
-```bash
+```sh
 openssl req -out server.csr -key server.key -new
 ```
 
 Generate a certificate signing request based on an existing certificate
 
-```bash
+```sh
 openssl x509 -x509toreq -in server.crt -out server.csr -signkey server.key
 ```
 
 Remove a passphrase from a private key
 
-```bash
+```sh
 openssl rsa -in server.pem -out newserver.pem
 ```
 
+Parse a list of revoked serial numbers
+
+```sh
+openssl crl -inform DER -text -noout -in list.crl
+```
+
 Check a certificate signing request (CSR)
 
-```bash
+```sh
 openssl req -text -noout -verify -in server.csr
 ```
 
 Check a private key
 
-```bash
+```sh
 openssl rsa -in server.key -check
 ```
 
 Check a certificate
 
-```bash
+```sh
 openssl x509 -in server.crt -text -noout
 openssl x509 -in server.cer -text -noout
 ```
 
 Check a PKCS#12 file (.pfx or .p12)
 
-```bash
+```sh
 openssl pkcs12 -info -in server.p12
 ```
 
 Verify a private key matches an certificate
 
-```bash
+```sh
 openssl x509 -noout -modulus -in server.crt | openssl md5
 openssl rsa -noout -modulus -in server.key | openssl md5
 openssl req -noout -modulus -in server.csr | openssl md5
 ```
 
 Display all certificates including intermediates
 
-```bash
+```sh
 openssl s_client -connect www.paypal.com:443
 ```
 
 Convert a DER file (.crt .cer .der) to PEM
 
-```bash
+```sh
 openssl x509 -inform der -in server.cer -out server.pem
 ```
 
 Convert a PEM file to DER
 
-```bash
+```sh
 openssl x509 -outform der -in server.pem -out server.der
 ```
 
 Convert a PKCS#12 file (.pfx .p12) containing a private key and certificates to PEM
 
-```bash
+```sh
 openssl pkcs12 -in server.pfx -out server.pem -nodes
 ```
 
 Convert a PEM certificate file and a private key to PKCS#12 (.pfx .p12)
 
-```bash
+```sh
 openssl pkcs12 -export -out server.pfx -inkey server.key -in server.crt -certfile CACert.crt
 ```
diff --git a/openssl_commands.md b/openssl_commands.md
@@ -13,19 +13,19 @@ sudo apt-get install openssl
 Create a private key
 
 ```bash
-openssl genrsa -out server.key 2048
+openssl genrsa -out server.key 4096
 ```
 
 Generate a new private key and certificate signing request
 
 ```bash
-openssl req -out server.csr -new -newkey rsa:2048 -nodes -keyout server.key
+openssl req -out server.csr -new -newkey rsa:4096 -nodes -keyout server.key
 ```
 
 Generate a self-signed certificate
 
 ```bash
-openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout server.key -out server.crt
+openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:4096 -keyout server.key -out server.crt
 ```
 
 Generate a certificate signing request (CSR) for an existing private key

diff --git a/openssl_commands.md b/openssl_commands.md
@@ -2,7 +2,7 @@
 
 ###Install
 
-Install the OpenSSL on Debian based Systems
+Install the OpenSSL on Debian based systems
 
 ```bash
 sudo apt-get install openssl

diff --git a/openssl_commands.md b/openssl_commands.md
@@ -62,6 +62,7 @@ Check a certificate
 
 ```bash
 openssl x509 -in server.crt -text -noout
+openssl x509 -in server.cer -text -noout
 ```
 
 Check a PKCS#12 file (.pfx or .p12)
@@ -106,10 +107,4 @@ Convert a PEM certificate file and a private key to PKCS#12 (.pfx .p12)
 
 ```bash
 openssl pkcs12 -export -out server.pfx -inkey server.key -in server.crt -certfile CACert.crt
-```
-
-Look at your certificate which must be installed on your system
-
-```bash
-openssl x509 -in server.cer -noout -text
 ```
diff --git a/openssl_commands.md b/openssl_commands.md
@@ -111,5 +111,5 @@ openssl pkcs12 -export -out server.pfx -inkey server.key -in server.crt -certfil
 Look at your certificate which must be installed on your system
 
 ```bash
-openssl x509 -in cerfile.cer -noout -text
+openssl x509 -in server.cer -noout -text
 ```
diff --git a/openssl_commands.md b/openssl_commands.md
@@ -28,7 +28,7 @@ Generate a self-signed certificate
 openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout server.key -out server.crt
 ```
 
-Generate a certificate signing request (server) for an existing private key
+Generate a certificate signing request (CSR) for an existing private key
 
 ```bash
 openssl req -out server.csr -key server.key -new
@@ -46,7 +46,7 @@ Remove a passphrase from a private key
 openssl rsa -in server.pem -out newserver.pem
 ```
 
-Check a certificate signing request (server)
+Check a certificate signing request (CSR)
 
 ```bash
 openssl req -text -noout -verify -in server.csr
@@ -106,4 +106,10 @@ Convert a PEM certificate file and a private key to PKCS#12 (.pfx .p12)
 
 ```bash
 openssl pkcs12 -export -out server.pfx -inkey server.key -in server.crt -certfile CACert.crt
+```
+
+Look at your certificate which must be installed on your system
+
+```bash
+openssl x509 -in cerfile.cer -noout -text
 ```
diff --git a/openssl_commands.md b/openssl_commands.md
@@ -1,5 +1,15 @@
 #openssl
 
+###Install
+
+Install the OpenSSL on Debian based Systems
+
+```bash
+sudo apt-get install openssl
+```
+
+###Commands
+
 Create a private key
 
 ```bash

diff --git a/openssl_commands.md b/openssl_commands.md
@@ -1,65 +1,71 @@
 #openssl
 
+Create a private key
+
+```bash
+openssl genrsa -out server.key 2048
+```
+
 Generate a new private key and certificate signing request
 
 ```bash
-openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout keystore.key
+openssl req -out server.csr -new -newkey rsa:2048 -nodes -keyout server.key
 ```
 
 Generate a self-signed certificate
 
 ```bash
-openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout keystore.key -out certificate.crt
+openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout server.key -out server.crt
 ```
 
-Generate a certificate signing request (CSR) for an existing private key
+Generate a certificate signing request (server) for an existing private key
 
 ```bash
-openssl req -out CSR.csr -key keystore.key -new
+openssl req -out server.csr -key server.key -new
 ```
 
 Generate a certificate signing request based on an existing certificate
 
 ```bash
-openssl x509 -x509toreq -in certificate.crt -out CSR.csr -signkey keystore.key
+openssl x509 -x509toreq -in server.crt -out server.csr -signkey server.key
 ```
 
 Remove a passphrase from a private key
 
 ```bash
-openssl rsa -in keystore.pem -out newkeystore.pem
+openssl rsa -in server.pem -out newserver.pem
 ```
 
-Check a Certificate Signing Request (CSR)
+Check a certificate signing request (server)
 
 ```bash
-openssl req -text -noout -verify -in CSR.csr
+openssl req -text -noout -verify -in server.csr
 ```
 
 Check a private key
 
 ```bash
-openssl rsa -in keystore.key -check
+openssl rsa -in server.key -check
 ```
 
 Check a certificate
 
 ```bash
-openssl x509 -in certificate.crt -text -noout
+openssl x509 -in server.crt -text -noout
 ```
 
 Check a PKCS#12 file (.pfx or .p12)
 
 ```bash
-openssl pkcs12 -info -in keyStore.p12
+openssl pkcs12 -info -in server.p12
 ```
 
-Check an MD5 hash of the public key to ensure that it matches with what is in a CSR or private key
+Verify a private key matches an certificate
 
 ```bash
-openssl x509 -noout -modulus -in certificate.crt | openssl md5
-openssl rsa -noout -modulus -in keystore.key | openssl md5
-openssl req -noout -modulus -in CSR.csr | openssl md5
+openssl x509 -noout -modulus -in server.crt | openssl md5
+openssl rsa -noout -modulus -in server.key | openssl md5
+openssl req -noout -modulus -in server.csr | openssl md5
 ```
 
 Display all certificates including intermediates
@@ -71,23 +77,23 @@ openssl s_client -connect www.paypal.com:443
 Convert a DER file (.crt .cer .der) to PEM
 
 ```bash
-openssl x509 -inform der -in certificate.cer -out certificate.pem
+openssl x509 -inform der -in server.cer -out server.pem
 ```
 
 Convert a PEM file to DER
 
 ```bash
-openssl x509 -outform der -in certificate.pem -out certificate.der
+openssl x509 -outform der -in server.pem -out server.der
 ```
 
 Convert a PKCS#12 file (.pfx .p12) containing a private key and certificates to PEM
 
 ```bash
-openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes
+openssl pkcs12 -in server.pfx -out server.pem -nodes
 ```
 
 Convert a PEM certificate file and a private key to PKCS#12 (.pfx .p12)
 
 ```bash
-openssl pkcs12 -export -out certificate.pfx -inkey keystore.key -in certificate.crt -certfile CACert.crt
+openssl pkcs12 -export -out server.pfx -inkey server.key -in server.crt -certfile CACert.crt
 ```
diff --git a/openssl_commands.md b/openssl_commands.md
@@ -0,0 +1,93 @@
+#openssl
+
+Generate a new private key and certificate signing request
+
+```bash
+openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout keystore.key
+```
+
+Generate a self-signed certificate
+
+```bash
+openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout keystore.key -out certificate.crt
+```
+
+Generate a certificate signing request (CSR) for an existing private key
+
+```bash
+openssl req -out CSR.csr -key keystore.key -new
+```
+
+Generate a certificate signing request based on an existing certificate
+
+```bash
+openssl x509 -x509toreq -in certificate.crt -out CSR.csr -signkey keystore.key
+```
+
+Remove a passphrase from a private key
+
+```bash
+openssl rsa -in keystore.pem -out newkeystore.pem
+```
+
+Check a Certificate Signing Request (CSR)
+
+```bash
+openssl req -text -noout -verify -in CSR.csr
+```
+
+Check a private key
+
+```bash
+openssl rsa -in keystore.key -check
+```
+
+Check a certificate
+
+```bash
+openssl x509 -in certificate.crt -text -noout
+```
+
+Check a PKCS#12 file (.pfx or .p12)
+
+```bash
+openssl pkcs12 -info -in keyStore.p12
+```
+
+Check an MD5 hash of the public key to ensure that it matches with what is in a CSR or private key
+
+```bash
+openssl x509 -noout -modulus -in certificate.crt | openssl md5
+openssl rsa -noout -modulus -in keystore.key | openssl md5
+openssl req -noout -modulus -in CSR.csr | openssl md5
+```
+
+Display all certificates including intermediates
+
+```bash
+openssl s_client -connect www.paypal.com:443
+```
+
+Convert a DER file (.crt .cer .der) to PEM
+
+```bash
+openssl x509 -inform der -in certificate.cer -out certificate.pem
+```
+
+Convert a PEM file to DER
+
+```bash
+openssl x509 -outform der -in certificate.pem -out certificate.der
+```
+
+Convert a PKCS#12 file (.pfx .p12) containing a private key and certificates to PEM
+
+```bash
+openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes
+```
+
+Convert a PEM certificate file and a private key to PKCS#12 (.pfx .p12)
+
+```bash
+openssl pkcs12 -export -out certificate.pfx -inkey keystore.key -in certificate.crt -certfile CACert.crt
+```
No results found