Table of Contents generated with DocToc
openssl req -in <csr_file> -noout -text
Certificate in PEM format:
openssl x509 -in <certificate_file>.crt.pem -noout -text
Certificate in DER format:
openssl x509 -in <certificate_file>.crt -inform der -noout -text
Certificate and private key in PKCS12 format:
openssl pkcs12 -info -nodes -in <file>.pfx
echo 'Q' | openssl s_client -connect <host>:<port> -showcerts 2>/dev/null | openssl x509 -inform pem -noout -text
openssl rsa -in <private_key_file>.key.pem -noout -text
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -out <certificate_file>.crt.pem -keyout <private_key_file>.key.pem
openssl pkcs12 -export -out <keystore_file>.pfx -inkey <key_file>.key.pem -in <certificate_file>.crt.pem -name <alias>
openssl crl2pkcs7 -certfile <certificate_file>.crt.pem -nocrl
openssl x509 -inform der -in <certificate>.crt -out <certificate>.crt.pem
Usual extensions for PKCS12 files: .pfx or .p12
openssl pkcs12 -in <file>.pfx -out <file>.pem -nodes
openssl pkcs12 -in <pkcs12_file>.pfx -nocerts -out <key_file>.key.pem
openssl pkcs12 -in <pkcs12_file>.pfx -clcerts -nokeys -out <certificate_file>.crt.pem
Compare public key hashes from certificate and CSR:
openssl x509 -in <certificate_file> -pubkey -noout -outform pem | sha256sum
openssl req -in <csr_file> -pubkey -noout -outform pem | sha256sum
Compare public key hashes from certificate and private key:
openssl x509 -in <certificate_file> -pubkey -noout -outform pem | sha256sum
openssl pkey -in <private_key_file> -pubout -outform pem | sha256sum