Mister PKI

SSL Certificates * SSL Tools * Certificate Decoder

openssl crl

The openssl crl command and utility will process CRL (Certificate Revocation List) files in both DER and PEM format. CRL locations can be found on the X.509 certificate itself, under the "CRL Endpoints" section. Here is a screenshot from the Mozilla Firefox certificate viewer of the SSL … [Read more...] about openssl crl

openssl passwd

The openssl passwd command can be used to compute password hashes. openssl passwd examples To compute the password hash without a salt, run the following command: openssl passwd -crypt password To compute a salted password hash, run the following command using the crypt algorithm (which … [Read more...] about openssl passwd

openssl ca

The openssl ca command and utility is a lightweight piece of software that can be used to perform minimal CA (Certification Authority) functions. The command can sign and issue new certificates including self-signed Root CA certificates, generate CRLs (Certificate Revocation Lists), and other CA … [Read more...] about openssl ca

openssl list

The openssl list command and utility is used to show supported algorithms and features as well as algorithms and features that have been disabled. openssl list may be used across various operating systems and versions to display supported features as well as disabled features. To display a list … [Read more...] about openssl list

openssl dsa

What is DSA? DSA is short for Digital Signature Algorithm, an asymmetric digital signature algorithm used primarily for digital signatures and this article will use the openssl dsa utility to demonstrate its use. DSA like RSA can be used for both digital signatures and encryption, but is primarily … [Read more...] about openssl dsa

openssl dgst

Use the openssl dgst command and utility to output the hash of a given file. The output will be in hexadecimal, and the default hash function is sha256, although this can be overridden. md5 and sha1 are both common digest functions that are still routinely found in practice and can be specified in … [Read more...] about openssl dgst

openssl ciphers

The openssl ciphers utility is a tool that will display, list, and check supported ciphers. It can test your environment to help you decide which cipher list is appropriate for your setup. openssl ciphers list To display a verbose listing of all ciphers, run the following command: openssl … [Read more...] about openssl ciphers

openssl genpkey

The openssl genpkey command is a utility for generating asymmetric private keys. openssl genpkey or genrsa The openssl genpkey utility has superseded the genrsa utility. While the genrsa is still valid and in use today, it is recommended to start using genpkey. genpkey gives you more than just … [Read more...] about openssl genpkey