| Both sides previous revision
Previous revision
Next revision
|
Previous revision
Next revision
Both sides next revision
|
sw:security [2024/02/15 16:34]
tomas [Prace s openssl] |
sw:security [2024/02/22 10:19]
tomas |
| ''echo n | openssl s_client -showcerts -connect www.domain.com:443 | openssl x509 -text'' ... ukaze vsechny zaznamy o certifikatu, vcetne expirace\\ | ''echo n | openssl s_client -showcerts -connect www.domain.com:443 | openssl x509 -text'' ... ukaze vsechny zaznamy o certifikatu, vcetne expirace\\ |
| |
| ''openssl genrsa -des3 -out server.key 1024'' ... generovani privatniho RSA klice, delka 1024 bytu, kodovani DES\\ | |
| ''openssl req -new -key server.key -out server.csr'' ... generovani CSR (zadosti o overeni) z privatniho klice\\ | |
| ''cp server.key server.key.org; openssl rsa -in server.key.org -out server.key'' ... odstraneni passphrase z klice\\ | |
| ''openssl rsa -in server.key -text > private.pem'' ... konverze privatniho klice z KEY do PEM\\ | |
| ''openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt'' ... generovani self-signed verejneho klice pro https komunikaci\\ | ''openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt'' ... generovani self-signed verejneho klice pro https komunikaci\\ |
| | ''openssl req -new -key domena.key -out domena.csr -sha256 -subj "/C=CZ/L=Brno/O=Firma a.s./OU=tym/emailAddress=email@email.cz/CN=domena.cz" -addext "subjectAltName = DNS:domena1.cz,DNS:domena2"'' ... CSR s Alternate names\\ |
| | ''openssl req -text -noout -verify -in CSR.csr'' ... informace o CSR\\ |
| ''openssl x509 -in lipensky.cz.pem -text -noout'' ... informace o klici acs.qacafe.com.pem v textove podobe\\ | ''openssl x509 -in lipensky.cz.pem -text -noout'' ... informace o klici acs.qacafe.com.pem v textove podobe\\ |
| ''openssl x509 -in root_ca.cer -inform DER -out root_ca.pem'' ... konverze z DER formatu do PEM\\ | ''openssl x509 -in root_ca.cer -inform DER -out root_ca.pem'' ... konverze z DER formatu do PEM\\ |
| ''openssl pkcs7 -print_certs -in certificate.cer -out certificate.crt'' ... konverze certifikatu do jineho kodovani\\ | ''openssl pkcs7 -print_certs -in certificate.cer -out certificate.crt'' ... konverze certifikatu do jineho kodovani\\ |
| ''openssl pkcs7 -print_certs -in old.p7b -out new.crt'' ... konverze certifikátu p7b na crt\\ | ''openssl pkcs7 -print_certs -in old.p7b -out new.crt'' ... konverze certifikátu p7b na crt\\ |
| | |
| | ===RSA=== |
| | ''openssl genrsa -des3 -out server.key 1024'' ... generovani privatniho RSA klice, delka 1024 bytu, kodovani DES\\ |
| | ''openssl req -new -key server.key -out server.csr'' ... generovani CSR (zadosti o overeni) z privatniho klice\\ |
| | ''openssl rsa -in privateKey.key -check'' ... kontrola RSA klíče, jestli je validní\\ |
| | ''cp server.key server.key.org; openssl rsa -in server.key.org -out server.key'' ... odstraneni passphrase z klice\\ |
| | ''openssl rsa -in server.key -text > private.pem'' ... konverze privatniho klice z KEY do PEM\\ |
| | |
| ====Analyza https toku==== | ====Analyza https toku==== |
| |
Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3