Last Modified: Wed, 30 Oct 2024 19:19:19 +0000 ; Created: Wed, 17 May 2023 13:43:55 +0000
A few openssl commands I've found usefulGrab all remote cert chainopenssl s_client -showcerts -connect www.rodneybeede.com:443 </dev/null 2>/dev/null | sed --silent --expression '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p'
Outputs every certificate in a chained ASCII (Base64) PEM fileopenssl storeutl -noout -text -certs allcerts.pem
Output details of only one certificate for reviewopenssl x509 -in some_public_cert.pem -noout -text
Convert from DER format to ASCII (Base64) PEMopenssl x509 -inform der -in burp-ca.der -out burp-ca.pem
One liner to create a self-signed certificate and key pair for web server testingopenssl req -x509 -newkey rsa:4096 -nodes -out cert.crt -keyout cert.key -days 3653 -subj "/CN=lab.rbeede.cloud.localtest.me"
Run a listening openssl server (raw TCP content)openssl s_server -key cert.key -cert cert.crt
Run a www (HTTP) openssl serveropenssl s_server -key cert.key -cert cert.crt -www
|
|