====== SSL Kommandos ====== ===== KEY ===== openssl genrsa -aes128 -out XXXXXX.key 4096 openssl rsa -in XXXXXX.key -out XXXXXX.pem ===== CSR ===== [[openssl.conf]] für Wildcard und Multidomain-CSRs openssl req -new -key XXXXXX.key -config openssl.cnf -out XXXXXX.csr openssl req -new -key XXXXXX.key -out XXXXXX.csr ===== COMPARE ===== openssl x509 -modulus -in XXXXXX.crt -text -noout | grep "Modulus=" | openssl md5 openssl rsa -noout -modulus -in XXXXXX.key | openssl md5 openssl req -noout -modulus -in XXXXXX.csr | openssl md5 ===== APACHE ===== /usr/lib/ssl/misc/c_hash XXXXXX.pem ln -l /etc/apache2/ssl/XXXXXX.pem 8d5867df.0 ===== CHECKS ===== openssl req -text -noout -verify -in CSR.csr openssl rsa -in privateKey.key -check openssl x509 -in certificate.crt -text -noout ===== Retrieve Certificate ===== echo "" | openssl s_client -connect HOSTNAME:PORT -prexit 2>/dev/null | sed -n -e '/BEGIN\ CERTIFICATE/,/END\ CERTIFICATE/ p'