Last active
April 1, 2023 22:44
-
-
Save josefglatz/c9802f7bed054fb23c7054265e7fda42 to your computer and use it in GitHub Desktop.
Revisions
-
josefglatz revised this gist
Mar 19, 2018 . 1 changed file with 6 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -47,4 +47,10 @@ openssl x509 -noout -modulus -in cert.pem Alternative use `diff` ```bash diff <(openssl rsa -noout -modulus -in server.key) <(openssl x509 -noout -modulus -in cert.pem) ``` ## Check if your Certificate Sign Request matches ```bash openssl req -noout -modulus -in yourCertificateSignRequestFile.csr ``` -
Mar 19, 2018 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -33,7 +33,7 @@ openssl rsa -in key.pem -nocerts -out server.key * `key.pem` contains private key (secured by passphrase) * `server.key` contains the private key without passphrase --- ## Check if your certificate matches the key file > You won't find a modulus if your private key or your certificate is signed with ECC (Elliptic Curve Cryptography)! -
Mar 19, 2018 . 1 changed file with 14 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -33,4 +33,18 @@ openssl rsa -in key.pem -nocerts -out server.key * `key.pem` contains private key (secured by passphrase) * `server.key` contains the private key without passphrase -- ## Check if your certificate matches the key file > You won't find a modulus if your private key or your certificate is signed with ECC (Elliptic Curve Cryptography)! Run following commands and compare the output. The modulus is the same if they match. ```bash openssl rsa -noout -modulus -in server.key openssl x509 -noout -modulus -in cert.pem ``` Alternative use `diff` ```bash diff <(openssl rsa -noout -modulus -in server.key) <(openssl x509 -noout -modulus -in cert.pem) ``` -
Mar 19, 2018 . 1 changed file with 2 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -4,6 +4,8 @@ `stern-domain-at.pfx` (optionally secured with passphrase) **Openssl needs to be installed** ## Commands Export certificate -
Mar 19, 2018 . 1 changed file with 1 addition and 1 deletion.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -1,4 +1,4 @@ # How to extract certificate and private key from a PFX file ## Given PFX file -
Mar 19, 2018 . No changes.There are no files selected for viewing
-
Mar 19, 2018 . 1 changed file with 6 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -23,6 +23,12 @@ Remove passphrase from the exported private key ```bash openssl rsa -in key.pem -nocerts -out server.key ``` --- ## Final results * `cert.pem` contains a number of certificates (Public, Intermidiate, Root) * `key.pem` contains private key (secured by passphrase) * `server.key` contains the private key without passphrase -
Mar 19, 2018 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,28 @@ # Extract Certificate and Private Key from PFX file ## Given PFX file `stern-domain-at.pfx` (optionally secured with passphrase) ## Commands Export certificate ```bash openssl pkcs12 -in stern-domain-at.pfx -nokeys -out cert.pem ``` Export private key (passphrase will not be removed) ```bash openssl pkcs12 -in stern-domain-at.pfx -nocerts -out key.pem -nodes ``` Remove passphrase from the exported private key ```bash openssl rsa -in key.pem -nocerts -out server.key ```