Eureka Moment Wiki

One eureka moment at the time

User Tools

Site Tools


linux:ubuntu:openssl_examples

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
linux:ubuntu:openssl_examples [2019/02/06 16:04]
tplecko
linux:ubuntu:openssl_examples [2019/03/20 14:16] (current)
tplecko
Line 1: Line 1:
 ====== Convert certificates with OpenSSL ====== ====== Convert certificates with OpenSSL ======
 +===== DER =====
 <code bash| Convert a DER file (.crt .cer .der) to PEM> <code bash| Convert a DER file (.crt .cer .der) to PEM>
 openssl x509 -inform der -in certificate.cer -out certificate.pem openssl x509 -inform der -in certificate.cer -out certificate.pem
 </​code>​ </​code>​
 +
 +===== PEM =====
 <code bash| Convert a PEM file to DER> <code bash| Convert a PEM file to DER>
 openssl x509 -outform der -in certificate.pem -out certificate.der openssl x509 -outform der -in certificate.pem -out certificate.der
 </​code>​ </​code>​
 +<code bash| Convert a PEM file to P7B>
 +openssl crl2pkcs7 -nocrl -certfile certificate.cer -out certificate.p7b -certfile CACert.cer
 +</​code>​
 +<code bash| Convert a PEM certificate file and a private key to PKCS#12 (.pfx .p12)>
 +openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt
 +</​code>​
 +
 +===== PFX =====
 <code bash| Convert a PKCS#12 file (.pfx .p12) containing a private key and certificates to PEM> <code bash| Convert a PKCS#12 file (.pfx .p12) containing a private key and certificates to PEM>
 openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes openssl pkcs12 -in keyStore.pfx -out keyStore.pem -nodes
 </​code>​ </​code>​
-You can add -nocerts to only output the private key or add -nokeys to only output the certificates. +You can add **-nocerts** to only output the private key or add -nokeys to only output the certificates. 
-<code bash| Convert a PEM certificate ​file and private key to PKCS#12 (.pfx .p12)> + 
-openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile ​CAC+===== P7B ===== 
 +<code bash| Convert a P7B to PEM
 +openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer 
 +</​code>​ 
 +<code bash| Convert ​P7B to PFX> 
 +openssl pkcs7 -print_certs -in certificate.p7b -out certificate.cer 
 +openssl pkcs12 -export -in certificate.cer -inkey privateKey.key -out certificate.pfx -certfile ​CACert.cer
 </​code>​ </​code>​
  
 +===== Other commands =====
 <code bash| Export public key from private key> <code bash| Export public key from private key>
 openssl rsa -in privkey.pem -pubout > key.pub openssl rsa -in privkey.pem -pubout > key.pub
 +</​code>​
 +
 +<code bash| Remove password from private key>
 +openssl rsa -in [file1.key] -out [file2.key]
 </​code>​ </​code>​
linux/ubuntu/openssl_examples.1549465486.txt.gz · Last modified: 2019/02/06 16:04 by tplecko