unix:ssl

SSL

seq 10 | xargs -I@ -n1 curl -kso /dev/null -w "tcp:%{time_connect}, ssldone:%{time_appconnect}\n" https://wiki.sysop.cafe
domain=www.google.com; days=14; echo | openssl s_client -connect $domain:443 2>/dev/null | openssl x509 -noout -checkend $(($days * 24 * 60 * 60)) -enddate
openssl req -x509 -newkey rsa:4096 -keyout privkey.pem -out fullchain.pem -days 365 -nodes
openssl pkcs12 -export -out cert.pfx -inkey privkey.pem -in fullchain.pem
openssl pkcs12 -info -in  cert.pfx #to verify

Convert ''.pfx'' to ''.crt'' and ''.key''

cert=foo_bar.pfx 
openssl pkcs12 -in $cert -clcerts -nokeys -out $(basename "$cert" .pfx).crt
openssl pkcs12 -in $cert -nocerts -out $(basename "$cert" .pfx)-encrypted.key
openssl rsa -in $(basename "$cert" .pfx)-encrypted.key -out $(basename "$cert" .pfx).key

Cert enddate

openssl s_client -connect www.example.com:443 < /dev/null 2>/dev/null | openssl x509 -noout -enddate
  • unix/ssl.txt
  • Last modified: 2021-08-16T20:25:26+0200
  • by Wolfgang