The s_client command from OpenSSL is a helpful test client for troubleshooting remote SSL or TLS connections. The post strives to walk you through various examples of testing SSL connections with different ciphers, TLS versions, and SSL server certificate analysis. Testing SSL configuration on … [Read more...] about openssl s_client commands and examples
OpenSSL Self Signed Certificate
This article will demonstrate how to use OpenSSL to create a self signed certificate. First things first. What is a self signed certificate? A self signed certificate is exactly what it sounds like. The private key of the key pair signs its own SSL certificate. It is not signed by a CA … [Read more...] about OpenSSL Self Signed Certificate
openssl s_time – How to measure SSL performance
This article will demonstrate how to measure SSL and TLS performance using the openssl s_time utility from OpenSSL, the cryptography and SSL/TLS Toolkit. This utility allows you to connect to a remote host with SSL. Note that the connection must be SSL and does not support a plaintext or any other … [Read more...] about openssl s_time – How to measure SSL performance
openssl ec
The openssl ec command and utility can be used to process your EC (Elliptic Curve) keys. This article will walk you through examples on processing EC keys with the openssl ec utility as well as the openssl ecparam utility. You can submit your CSR with its EC key to The SSL Store for an SSL … [Read more...] about openssl ec
What is a Certificate Signing Request (CSR)?
A Certificate Signing Request (CSR) is the request file to be sent to a Certification Authority (CA) when requesting an SSL certificate. The CSR in PKI is created along with the public/private key pair and contains the public key. Examples are provided below on how to generate a CSR, and take note … [Read more...] about What is a Certificate Signing Request (CSR)?
openssl-speed
The openssl-speed utility can be used to measure the efficiency of cryptographic hash algorithms. For this purposes of this exercise, no additional flags or switches were added to the command. Strictly running openssl-speed will attempt a speed test on each supported hash algorithm and output the … [Read more...] about openssl-speed
How to generate a self-signed certificate with Java and BouncyCastle
This post demonstrates how to generate a self-signed certificate with Java and BouncyCastle. There are numerous posts online about how to generate a self-signed certificate using the Java Keytool, so I won’t cover that here. Instead, you may be looking for how to generate a self-signed certificate … [Read more...] about How to generate a self-signed certificate with Java and BouncyCastle
curl authentication – Certificate, Bearer token, and Basic Auth
The following examples will go through how to use curl with authentication. For obvious reasons, public APIs do not require authentication but private APIs will require authentication using authorization headers with basic auth, a bearer token header using a JWT (Javascript Web Token) or some other … [Read more...] about curl authentication – Certificate, Bearer token, and Basic Auth