-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathopenssl.txt
24 lines (17 loc) · 1.13 KB
/
openssl.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
# as with all things created by committees or experts, there are 3247 options and features of which
# we need like 3, but any software created for those will be incomplete or lack edgecases or...
# openssl works with a few dozen "sub-commands", each with their own arguments etc etc. The man pages could comprise a fair-
# sized book.
# Some common sub-commands:
req # generate certificate request, optionally along with private key
x509 # certificate display & signing utility
version [-a] # get version. \e[38;5;202m-a\e[0m for a bunch of compile-time settings, options, vars and flags (useful for bugreports)
# create new certificate signing request (CSR) based on existing certificate and key
openssl x509 \e[38;5;202m-x509toreq\e[0m -in ssl.cert -signkey ssl.key -out ssl.csr.new
# CentOS 7 won't update to OpenSSL 1.1 (support dropped december 2019) but invites you to install "openssl11" for spot usage.
# PHP8 has functions to parse PEMs and such, who knew?!
https://www.php.net/manual/en/function.openssl-x509-parse.php
# TODO
SSL_ERROR_RX_RECORD_TOO_LONG: explanation and fix here...
# see also
openssl_functions