openssl is a command line tool that:

Typical use case




With the s_client don't forget to use sni

openssl s_client \
   -connect \
   -servername  # the sni

certs and ca

The certification and ca are located at /etc/ssl/certs

Update of the CA happens via a package.


Discover More
Certificate Validity Period Not Before Not After Portecle
Certificat and chain verification

A certificate check is equivalent to an authentication. The signature of the certificate is verified with the public key to check if it was signed (issued) by a trusted party (usually a trusted...
Public Key Crypto Pair Key Creation
Cryptographic - Private Key

This article talks the secret known as the private key in a asymmetric cryptographic scheme. A private key is a cryptographic key that is private (that you should keep secret). This page is how to...
Csr Ldap Dn Properties
Cryptography - Certificate Signing Request

When requesting a signed certificate, an additional file must be created. This file is called Certificate Signing Request, generated from the Private Key. See the procedure at signed certificate procedure...
Cryptography - JKS (Java Keystore)

In the JDK implementation of JKS, a keystore may contain both: key entries and trusted certificate entries. command line: Gui: Porte-cle: (download)...
Cryptography - PKCS12

PKCS12 is a pkcs version 12. PKCS12 (ie p12 extension) is intended to store both: the private key and public certificate parts It has the capability of being password protected to provide some...
Certificate Validity Period Not Before Not After Portecle
Cryptography - X.509

x.509 is the specification / version of a certificate It's defined in the 5280rfc5280 - Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile When you see...
Certificate Validity Period Not Before Not After Portecle
Cryptography Certificate - How to self-signed a Certificate (for a test or internal server)

When a certificate is used to sign itself, it is called a self signed certificate. All root CA certificates of the certificate chain are self signed. This article shows you how to create a self-signed...
Domain Validate Certificate
Domain Validated Certificates (DV)

Domain Validated certificates are server signed certificates where the ownership of the domain was checked. There is no identifying organizational information for these certificates and thus should never...
Consistent Hashing
Function - sha1 (Secure Hash Algorithm-1) function

A sha1 (Secure Hash Algorithm) is an hash function that generates 40-character string (message_digest) composed of hexadecimal characters (0–9 and a–f). In a file system, it's calculated based on...
Consistent Hashing
Function - sha256 (Secure Hash Algorithm-256)

sha256 is a hash function of the sha family sha256integrity HTML attributebase64 With the crypto.subtle.digest function. Output: Test it yourself, change the input and see the change in the...

Share this page:
Follow us:
Task Runner