Openssl s_clientOpenSSL freeOpenSSL check ciphers on ServerOpenssl s_client Windowsopenssl s_client教學OpenSSL 1.1 0lOpenssl s_client 用法Openssl s_client -showcertsOpenSSL 1.1 1SSL test toolOpenSSL runtimeOpenSSL onlineOpenSSL check cipherVerify SSL certificate openssl s_clientOpenSSL test

openssl 指令command line - SSORC.tw

文章推薦指數: 80 %
投票人數:10人

openssl req -in server.csr -noout -verify -key server.key. 檢查憑證 openssl verify server.crt. 查看csr 內容 openssl req -in server.csr ... 首頁 Linux openssl指令commandline openssl指令commandline 1 ssorc發佈於15年前 自產出私密金鑰(privatekey)及 憑證(crt)(365天,2048bits) opensslreq-new -sha256-x509-keyoutserver.key-outserver.crt-days365-newkeyrsa:2048-nodes-subj '/C=TW/ST=Taiwan/L=Taipei/CN=ssorc.tw/[email protected]' 產出私密金鑰(privatekey)及憑證要求(certificatesigningrequest=csr) opensslreq-new-sha256-keyoutserver.key-outserver.csr-days365 -newkeyrsa:2048-nodes-subj '/C=TW/ST=Taiwan/L=Taipei/CN=ssorc.tw/[email protected]' 如果用繼有的privatekey產生憑證要求(csr) opensslreq-new-keyserver.key-outserver.csr 簽署csr產生crt opensslx509-inserver.csr-outserver.crt-req-text-signkeyserver.key 用CA簽發 opensslca-policypolicy_anything-outserver.crt-infilesserver.csr 檢查csr與privatekey opensslreq-inserver.csr-noout-verify-keyserver.key 檢查憑證 opensslverifyserver.crt 查看csr內容 opensslreq-inserver.csr-noout-text 參數說明: -noout:不輸出BEGINCERTIFICATEREQUEST字樣 查看csr內容並檢查 opensslreq-inserver.csr-noout-text-verify 查看crt內容 opensslx509-inserver.crt-text 其它查看參數: -issuer -subject -dates #CreateCAcertificate opensslgenrsa2048>ca-key.pem opensslreq-new-sha256-x509-nodes-days3600-keyca-key.pem-outca-cert.pem-subj'/C=TW/ST=Taiwan/L=Taipei/CN=ca.ssorc.tw/[email protected]' #Createservercertificate,removepassphrase,andsignit #server-cert.pem=publickey,server-key.pem=privatekey opensslreq-sha256-newkeyrsa:2048-days3600-nodes-keyoutserver-key.pem-outserver-req.pem-subj'/C=TW/ST=Taiwan/L=Taipei/CN=server.ssorc.tw/[email protected]' opensslrsa-inserver-key.pem-outserver-key.pem opensslx509-sha256-req-inserver-req.pem-days3600-CAca-cert.pem-CAkeyca-key.pem-set_serial01-outserver-cert.pem #Createclientcertificate,removepassphrase,andsignit #client-cert.pem=publickey,client-key.pem=privatekey opensslreq-sha256-newkeyrsa:2048-days3600-nodes-keyoutclient-key.pem-outclient-req.pem-subj'/C=TW/ST=Taiwan/L=Taipei/CN=client.ssorc.tw/[email protected]' opensslrsa-inclient-key.pem-outclient-key.pem opensslx509-sha256-req-inclient-req.pem-days3600-CAca-cert.pem-CAkeyca-key.pem-set_serial01-outclient-cert.pem #verifythem opensslverify-CAfileca-cert.pemserver-cert.pemclient-cert.pem 文件加密、解密 明文文件(plaintext) :test.txt 密文文件(ciphertext):test.msg 文件加密 echo"thisisatestfile">test.txt opensslsmime-encrypt-intest.txt-outtest.msgserver.crt 文件解密 opensslsmime-decrypt-intest.msg-recipserver.crt-inkeyserver.key 驗證簽章(VerifySignature) opensslsmime-sign-inkeyserver.key-signerserver.crt-intest.txt-outtest.msg opensslsmime-verif-intest.msg-signerserver.crt-outtest2.txt-CAfileserver.ca 測試TLS openssls_client-CAfileserver.ca-connectlocalhost:993 openssls_client-connectlocalhost:25-starttlssmtp openssls_time-connectlocalhost:443 Benchmark opensslspeed opensslspeedrsa 參考 http://www.madboa.com/geek/openssl/ http://www.ascc.net/nl/91/1819/02.txt http://www.study-area.org/tips/certs/certs.html 其它相關文章openssl指令commandline–檢查SSLTLS有Heartbleed風險的SSL伺服器還是很多使用Cygwin在Windows上架設SSHServerSSL/TLS新漏洞,DROWN攻擊OpenSSL最近漏洞修復清單SSL/TLSFREAK漏洞的後續 最後修改日期: 2014年10月16日 opensslssl 作者 ssorc 留言 瘦河馬 發佈於11年前 感謝您的教學 [Reply] 撰寫回覆或留言取消回覆發佈留言必須填寫的電子郵件地址不會公開。

Clicktocancelreply 文章導覽 上一篇文章TcpHandshaking三次握手下一篇文章做一個MSNMessenger的「隱形人」

請為這篇文章評分?

延伸文章資訊