Pulse:Stay updated, Stay Relevant

Pulse helps network engineers like you stay updated with the networking industry news everyday for FREE

Pulse: All the updates you need to know in one place

Stay relevant with the information that you need to know about the networking market for FREE

MegaSh: Never forget a command again

150+ *nix Cheatsheets in one page to give your super powers :)

OPENSSL Commands Cheat Sheet

Cheat sheets

Here is a cli commands cheat sheet for OPENSSL command, you can use this as a quick reminder for basic commands with a brief description for each of the commands.

What is OPENSSL command?

Add some data here

        # To create a 2048-bit private key:
openssl genrsa -out server.key 2048

# To create the Certificate Signing Request (CSR):
openssl req -new -key server.key -out server.csr

# To sign a certificate using a private key and CSR:
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

# (The above commands may be run in sequence to generate a self-signed SSL certificate.)

# To show certificate information for a certificate signing request
openssl req -text -noout -in server.csr

# To show certificate information for generated certificate
openssl x509 -text -noout -in server.crt 

# To get the sha256 fingerprint of a certificate
openssl x509 -in server.crt -noout -sha256 -fingerprint

# To view certificate expiration:
echo | openssl s_client -connect :443 2> /dev/null | \
awk '/-----BEGIN/,/END CERTIFICATE-----/' | \
openssl x509 -noout -enddate

# To generate Diffie-Hellman parameters:
openssl dhparam -outform PEM -out dhparams.pem 2048

# To test an https server:
openssl s_client -connect 10.240.2.130:433

# High-quality options for openssl for symmetric (secret key) encryption
  
This is what knowledgable people consider a good set of options for 
symmetric encryption with openssl to give you a high-quality result.
Also, always remember that the result is only as good as the password
you use. You must use a strong password otherwise encryption is meaningless.
  
openssl enc -e -aes-256-cbc \
  -salt \
  -pbkdf2 \
  -iter 1000000 \
  -md sha512 \
  -base64 \
  -in somefile \
  -out somefile.enc # to encrypt

openssl enc -d -aes-256-cbc \
  -salt \
  -pbkdf2 \
  -iter 1000000 \
  -md sha512 \
  -base64 \
  -in somefile.enc \
  -out somefile # to decrypt

Check out the OPENSSL command documentation .


You can also check our MegaSh cheatsheet tool, that has 150+ searchable linux cheat sheets in one page, so you never forget a command as you work again

You might also like

- Stay on top of AI tools
- 150+ Linux Devops cheatsheets in one page
- DF Commands Cheat Sheet
- SCREEN Commands Cheat Sheet
- CAT Commands Cheat Sheet

Check Also

Best AI tools list