Editing OpenSSL
Jump to navigation
Jump to search
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then save the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 1: | Line 1: | ||
− | [[Wikipedia:OpenSSL|OpenSSL]] | + | [[Wikipedia:OpenSSL|OpenSSL]] is an open source implementation of the [[wikipedia:Transport Layer Security|TSL]] cryptographic protocol, and its now-deprecated predecessor, Secure Sockets Layer ([[SSL]]) protocol. |
− | + | == Examples == | |
− | |||
− | + | * '''Generate a new self signed Certificate instead of a [[Certificate Signing Request (CSR)]] ''' | |
− | + | : <code>openssl req -x509 -nodes -days 3650 -newkey [[rsa]]:2048 -keyout private.key -out public.pem</code> | |
− | * '''Generate a new | ||
− | : <code>openssl req - | ||
::Output a self-signed certificate instead of a certificate request | ::Output a self-signed certificate instead of a certificate request | ||
:::<code>-nodes</code> (short for no DES) do not encrypt private key | :::<code>-nodes</code> (short for no DES) do not encrypt private key | ||
:::<code>-x509</code> Output a self-signed certificate instead of a certificate request | :::<code>-x509</code> Output a self-signed certificate instead of a certificate request | ||
− | * | + | * Read [[CSR]] |
+ | ::<code>openssl req -text -noout -in root.csr</code> | ||
− | + | Read certificate (CRT) | |
− | + | * <code>openssl x509 -text -noout -in root.crt</code> | |
− | + | '''Encrypt and decrypt a file'''<ref>https://unix.stackexchange.com/questions/162960/how-can-i-encrypt-a-file</ref> ([[GPG]] can also be used for encrypting and decrypting files)<br> | |
− | + | Using aes-256-cbc cypher, You will be prompted for a password when encrypting that has to be used for decrypting.<ref>https://stackoverflow.com/a/31552829</ref> | |
+ | * [[Encrypt]] file (<code>openssl enc</code>): | ||
+ | :<code>openssl enc -aes-256-cbc -in un_encrypted.data -out encrypted.data</code> | ||
+ | : Use <code>[[file]]</code> command to verify file type. | ||
+ | <pre> | ||
+ | file encrypted.data | ||
+ | encrypted.data: openssl enc'd data with salted password | ||
+ | </pre> | ||
− | + | * [[Decrypt]] file (<code>openssl enc -d</code>): | |
− | * | + | :<code>openssl enc -d -aes-256-cbc -in encrypted.data -out un_encrypted.data</code> |
− | :<code>openssl | ||
== Activities == | == Activities == | ||
− | * Generate a [[random]] number: <code> | + | * Generate a [[random]] number: <code>openssl rand -base64 32</code><ref>https://www.howtogeek.com/howto/30184/10-ways-to-generate-a-random-password-from-the-command-line/</ref> |
− | + | * <code>openssl s_client -showcerts -connect gnupg.org:443</code> | |
− | + | * [[Encrypt]] a file using aes-256-cbc cypher using <code>[[openssl enc]]</code> command | |
− | * | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
== See also == | == See also == | ||
− | * | + | * [[Installing a web server/Nginx web server]] |
* {{openSSL}} | * {{openSSL}} | ||
− | * {{OpenSSH}} | + | * {{OpenSSH}} |
+ | * | ||
* {{HTTPS}} | * {{HTTPS}} | ||
− | * | + | * [[encfs]] |
+ | * [[GPG]] | ||
+ | * <code>[[pbcopy]]</code> [[macOS]] command | ||
* {{secrets}} | * {{secrets}} | ||
* {{RSA}} | * {{RSA}} |
Advertising: