Openssl

Card Puncher Data Processing

About

openssl is a command line client tool that permits to test, manage and see what happens in a TLS world (ie new name for SSL)

Typical use case

See Obtain a valid Certificate for a Secured Web site

Management

Syntax

s_client

With the s_client don't forget to use sni

certs and ca

The certification and ca are located at /etc/ssl/certs

Update of the CA happens via a package.

Installation





Recommended Pages
Certificate Validity Period Not Before Not After Portecle
Certificat and chain verification

A certificate check is equivalent to an authentication. The signature of the certificate is verified with the public key to check if it was signed (issued) by a trusted party (usually a trusted...
Public Key Crypto Pair Key Creation
Cryptographic - Private Key

This article talks the secret known as the private key in a asymmetric cryptographic scheme. A private key is a cryptographic key that is private (that you should keep secret). This page is how to...
Card Puncher Data Processing
Cryptography - Base64 Cipher

Base64 is a cipher (without key and reversible) that converts (encode) a data (message) in 64 characters of the ASCII string. See also the Google...
Csr Ldap Dn Properties
Cryptography - Certificate Signing Request

When requesting a signed certificate, an additional file must be created. This file is called Certificate Signing Request, generated from the Private Key. See the procedure at signed certificate procedure...
Card Puncher Data Processing
Cryptography - JKS (Java Keystore)

In the JDK implementation of JKS, a keystore may contain both: key entries and trusted certificate entries. command line: Gui: Porte-cle: (download)...
Card Puncher Data Processing
Cryptography - PKCS12

PKCS12 is a pkcs version 12. PKCS12 (ie p12 extension) is intended to store both: the private key and public certificate parts It has the capability of being password protected to provide some...
Certificate Validity Period Not Before Not After Portecle
Cryptography - X.509

x.509 is the specification / version of a certificate It's defined in the 5280rfc5280 - Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile When you see...
Certificate Validity Period Not Before Not After Portecle
Cryptography Certificate - How to self-signed a Certificate (for a test or internal server)

When a certificate is used to sign itself, it is called a self signed certificate. All root CA certificates of the certificate chain are self signed. This article shows you how to create a self-signed...
Public Key Crypto Pair Key Creation
Cryptography Public Key - Digital Signature (Signing)

A digital signature is: a hash of a message created with a secret Digital signature schemes are used for: sender authentication (no one can impersonate the sender, it proves that the message...
Domain Validate Certificate
Domain Validated Certificates (DV)

Domain Validated certificates are server signed certificates where the ownership of the domain was checked. There is no identifying organizational information for these certificates and thus should never...



Share this page:
Follow us:
Task Runner