The s_client command from OpenSSL is a helpful test client for troubleshooting remote SSL or TLS connections. The post strives to walk you through various examples of testing SSL connections with different ciphers, TLS versions, and SSL server certificate analysis. Testing SSL configuration on … [Read more...] about openssl s_client commands and examples
What is a Certificate Signing Request (CSR)?
A Certificate Signing Request (CSR) is the request file to be sent to a Certification Authority (CA) when requesting an SSL certificate. The CSR in PKI is created along with the public/private key pair and contains the public key. Examples are provided below on how to generate a CSR, and take note … [Read more...] about What is a Certificate Signing Request (CSR)?
openssl-speed
The openssl-speed utility can be used to measure the efficiency of cryptographic hash algorithms. For this purposes of this exercise, no additional flags or switches were added to the command. Strictly running openssl-speed will attempt a speed test on each supported hash algorithm and output the … [Read more...] about openssl-speed
How to generate a self-signed certificate with Java and BouncyCastle
This post demonstrates how to generate a self-signed certificate with Java and BouncyCastle. There are numerous posts online about how to generate a self-signed certificate using the Java Keytool, so I won’t cover that here. Instead, you may be looking for how to generate a self-signed certificate … [Read more...] about How to generate a self-signed certificate with Java and BouncyCastle
curl authentication – Certificate, Bearer token, and Basic Auth
The following examples will go through how to use curl with authentication. For obvious reasons, public APIs do not require authentication but private APIs will require authentication using authorization headers with basic auth, a bearer token header using a JWT (Javascript Web Token) or some other … [Read more...] about curl authentication – Certificate, Bearer token, and Basic Auth
openssl rsa
The openssl rsa command and utility is used to manage and process RSA keys. Use this command to encrypt decrypt, convert between forms of keys and print contents of the RSA keys. Generate an RSA key with openssl See our posts on generating an RSA key with both genpkey and genrsa. genpkey is … [Read more...] about openssl rsa
openssl genrsa – Generate RSA keys with OpenSSL
Use the openssl genrsa command to generate an RSA private key. The generated RSA private key can be customized by specifying the cipher algorithm and key size. Prime numbers are used in generating the RSA private key. During generation the following symbols will be outputted demonstrating the … [Read more...] about openssl genrsa – Generate RSA keys with OpenSSL
openssl verify – Verify a certificate and certificate chain
Use the openssl verify function to verify a certificate chain. openssl verify certificate chain To verify a certificate and its chain for a given website with OpenSSL, run the following command: Where -CAfile chain.pem is the downloaded certificate chain installed at the site and … [Read more...] about openssl verify – Verify a certificate and certificate chain