Tags:
create new tag
view all tags

Useful Openssl Commands

Certificates

Create a self signed certificate with no password

This command will create a certificate and key with no password. This is useful for setting up SSL protected webservers for testing.
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout hostcert.key -out hostcert.crt

Examine an x509 Certificate

openssl x509 -in certificate.crt -text -noout

Test for Expired x509 Certificate

openssl x509 -in certificate.crt -noout -checkend 0
check the return code:
  • 0 Valid
  • 1 Expired

Python ex:

import subprocess
import os

cert = '/tmp/x509up_u%s' % os.getuid() 
code = subprocess.call("openssl x509 -in %s -noout -checkend 0" % cert)
if code:
    print "Expired"
else:
    print "Valid"


-- MattVliet - 2010-12-20

Edit | Attach | Watch | Print version | History: r2 < r1 | Backlinks | Raw View | More topic actions
Topic revision: r2 - 2011-01-25 - mvliet
 
This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2019 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback