Both sides previous revision
Previous revision
|
Next revision
Both sides next revision
|
sw:security [2024/02/15 16:34] tomas [Prace s openssl] |
sw:security [2024/02/22 10:16] tomas [Prace s openssl] |
''echo n | openssl s_client -showcerts -connect www.domain.com:443 | openssl x509 -text'' ... ukaze vsechny zaznamy o certifikatu, vcetne expirace\\ | ''echo n | openssl s_client -showcerts -connect www.domain.com:443 | openssl x509 -text'' ... ukaze vsechny zaznamy o certifikatu, vcetne expirace\\ |
| |
''openssl genrsa -des3 -out server.key 1024'' ... generovani privatniho RSA klice, delka 1024 bytu, kodovani DES\\ | |
''openssl req -new -key server.key -out server.csr'' ... generovani CSR (zadosti o overeni) z privatniho klice\\ | |
''cp server.key server.key.org; openssl rsa -in server.key.org -out server.key'' ... odstraneni passphrase z klice\\ | |
''openssl rsa -in server.key -text > private.pem'' ... konverze privatniho klice z KEY do PEM\\ | |
''openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt'' ... generovani self-signed verejneho klice pro https komunikaci\\ | ''openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt'' ... generovani self-signed verejneho klice pro https komunikaci\\ |
| openssl req -text -noout -verify -in CSR.csr ... informace o CSR\\ |
''openssl x509 -in lipensky.cz.pem -text -noout'' ... informace o klici acs.qacafe.com.pem v textove podobe\\ | ''openssl x509 -in lipensky.cz.pem -text -noout'' ... informace o klici acs.qacafe.com.pem v textove podobe\\ |
''openssl x509 -in root_ca.cer -inform DER -out root_ca.pem'' ... konverze z DER formatu do PEM\\ | ''openssl x509 -in root_ca.cer -inform DER -out root_ca.pem'' ... konverze z DER formatu do PEM\\ |
''openssl pkcs7 -print_certs -in certificate.cer -out certificate.crt'' ... konverze certifikatu do jineho kodovani\\ | ''openssl pkcs7 -print_certs -in certificate.cer -out certificate.crt'' ... konverze certifikatu do jineho kodovani\\ |
''openssl pkcs7 -print_certs -in old.p7b -out new.crt'' ... konverze certifikátu p7b na crt\\ | ''openssl pkcs7 -print_certs -in old.p7b -out new.crt'' ... konverze certifikátu p7b na crt\\ |
| |
| ===RSA=== |
| ''openssl genrsa -des3 -out server.key 1024'' ... generovani privatniho RSA klice, delka 1024 bytu, kodovani DES\\ |
| ''openssl req -new -key server.key -out server.csr'' ... generovani CSR (zadosti o overeni) z privatniho klice\\ |
| ''openssl rsa -in privateKey.key -check'' ... kontrola RSA klíče, jestli je validní\\ |
| ''cp server.key server.key.org; openssl rsa -in server.key.org -out server.key'' ... odstraneni passphrase z klice\\ |
| ''openssl rsa -in server.key -text > private.pem'' ... konverze privatniho klice z KEY do PEM\\ |
| |
====Analyza https toku==== | ====Analyza https toku==== |
| |