Basic Openssl Commands

Openssl is an open source implementation SSL protocol. It is widely used and it has different functions which allows you to check CSR, Certificate and it’s expiry.

Here are some basic open commands which will be useful when you are dealing with certificate or anything related to that.

To decode certificate.

[root@server ~]# openssl x509 -in certificate.crt -text -noout

Check Expiry Date of Certificate Using OpenSSL command

[root@server ~]# cat certificate.crt | openssl x509 -noout -enddate

How to see if Certificate and a Private Key match.
Compare the output from both commands. If they are identical then the private key matches the certificate.

openssl pkey -in privateKey.key -pubout -outform pem | sha256sum
openssl x509 -in certificate.crt -pubkey -noout -outform pem | sha256sum 

Above are the most basic Operations and Widely used. Do let me know if you want us to add more here. So you can refer here.

Leave a Reply

Your email address will not be published. Required fields are marked *