A Certificate Signing Request (CSR) is the request file to be sent to a Certification Authority (CA) when requesting an SSL certificate. The CSR is created along with the public/private key pair and contains the public key. Examples are provided below on how to generate a CSR, and take note that the … [Read more...] about What is a Certificate Signing Request (CSR)?
curl authentication – Certificate, Bearer token, and Basic Auth
The following examples will go through how to use curl with authentication. For obvious reasons, public APIs do not require authentication but private APIs will require authentication using authorization headers with basic auth, a bearer token header using a JWT (Javascript Web Token), or with a … [Read more...] about curl authentication – Certificate, Bearer token, and Basic Auth
pkcs12
A pkcs12 keystore is commonly used for both S/MIME User Certificates and SSL/TLS Server Certificates. The keystore may contain both private keys and their corresponding certificates with or without a complete chain. The keystore’s purpose is to store the credential of an identity, being a person, … [Read more...] about pkcs12
openssl genrsa – Generate RSA keys with OpenSSL
Use the openssl genrsa command to generate an RSA private key. The generated RSA private key can be customized by specifying the cipher algorithm and key size. Prime numbers are used in generating the RSA private key. During generation the following symbols will be outputted demonstrating the … [Read more...] about openssl genrsa – Generate RSA keys with OpenSSL
PKCS7 as SignedData, a certificate bundle and OpenSSL
Introduction to PKCS7 What is PKCS7? It is a standard in the "Public Key Cryptography Standards" used as a cryptographic message syntax and as a format for an X.509 certificate and corresponding chain. The bundle or bag does not have to be a full chain and order does not matter as the final chain … [Read more...] about PKCS7 as SignedData, a certificate bundle and OpenSSL
openssl cms – Sign and encrypt or decrypt email messages
The openssl cms utility will digitally sign, verify, encrypt and decrypt S/MIME version 3.1 mail and messages. Checkout our smime article on how to get an email certificate and extract the public and private key for use in these commands. To purchase an Email certificate, we recommend starting … [Read more...] about openssl cms – Sign and encrypt or decrypt email messages
openssl s_client commands and examples
The s_client command from OpenSSL is a helpful test client for troubleshooting remote SSL or TLS connections. The post strives to walk you through various examples of testing SSL connections with different ciphers, TLS versions, and SSL server certificate analysis. Testing SSL configuration on … [Read more...] about openssl s_client commands and examples
PKCS8 (PKCS #8) format – openssl pkcs8
PKCS8 is the eighth of the Public-Key Cryptography Standards (PKCS) and is a syntax for storing private key material. The private keys may be encrypted with a symmetric key algorithm. If the usage of your key requires it to be in plain text, make sure it is stored in a secured location. If at all … [Read more...] about PKCS8 (PKCS #8) format – openssl pkcs8