Questions tagged [openssl]
OpenSSL: The Open Source Toolkit for SSL and TLS
1,629
questions
279
votes
6
answers
582k
views
how to download the ssl certificate from a website?
I want to download the ssl certificate from, say https://www.google.com, using wget or any other commands. Any unix command line? wget or openssl?
- 4,574
254
votes
7
answers
759k
views
How do I view the details of a digital certificate .cer file?
I am using Windows and have been given a .cer file. How can I view the details of it?
- 7,593
206
votes
14
answers
267k
views
How to view all ssl certificates in a bundle?
I have a certificate bundle .crt file.
doing openssl x509 -in bundle.crt -text -noout only shows the root certificate.
how do i see all the other certificates?
- 2,557
204
votes
9
answers
33k
views
Heartbleed: What is it and what are options to mitigate it?
This is a Canonical Question about understanding and remediating the Heartbleed security issue.
What exactly is CVE-2014-0160 AKA "Heartbleed"? What is the cause, what OSs and versions of OpenSSL are ...
- 9,232
175
votes
9
answers
362k
views
Is it possible to generate RSA key without pass phrase?
I'm working with Apache2 and Passenger for a Rails project.
I would like to create a self-signed SSL Certificate for testing purposes.
sudo openssl rsa -des3 -in server.key -out server.key.new
...
- 1,903
149
votes
3
answers
144k
views
ssh-keygen does not create RSA private key
I'm trying to create a private key and having an issue.
When I use ssh-keygen -t rsa -b 4096 -C "[email protected]", I get a private key in the following format.
-----BEGIN OPENSSH PRIVATE KEY--...
- 2,173
143
votes
2
answers
469k
views
How can I verify if TLS 1.2 is supported on a remote web server from the RHEL/CentOS shell?
I'm on CentOS 5.9.
I'd like to determine from the linux shell if a remote web server specifically supports TLS 1.2 (as opposed to TLS 1.0). Is there an easy way to check for that?
I'm not seeing a ...
- 12.1k
136
votes
7
answers
156k
views
Certification authority root certificate expiry and renewal
In 2004, I set up a small certification authority using OpenSSL on Linux and the simple management scripts provided with OpenVPN. In accordance with the guides I found at the time, I set the validity ...
- 2,045
103
votes
2
answers
122k
views
I have a keypair. How do I determine the key length?
Using OpenSSL from the command line in Linux, is there some way to examine a key (either public or private) to determine the key size?
- 3,885
88
votes
8
answers
47k
views
Heartbleed: how to reliably and portably check the OpenSSL version?
I was looking at a reliable and portable way to check the OpenSSL version on GNU/Linux and other systems, so users can easily discover if they should upgrade their SSL because of the Heartbleed bug.
...
- 833
87
votes
17
answers
747k
views
What causes SSH error: kex_exchange_identification: Connection closed by remote host?
I setup a SSH server online that is publicly accessible by anyone. Therefore, I get a lot of connections from IPs all over the world. Weirdly, none actually try to authenticate to open a session.
I ...
- 972
84
votes
5
answers
170k
views
Best location to keep SSL certificates and private keys on Ubuntu servers?
On Ubuntu, it looks like the best place for a private key used to sign a certificate (for use by nginx) is in /etc/ssl/private/
This answer adds that the certificate should go in /etc/ssl/certs/ but ...
- 1,717
81
votes
3
answers
274k
views
Install openssl-dev on Ubuntu server
In order to compile NGinx in need to install openssl and openssl-dev (I'am following a book guide).
So i'am doing this :
sudo apt-get install openssl openssl-dev
But i get an error telling me that ...
- 913
78
votes
6
answers
134k
views
Generating a self-signed cert with openssl that works in Chrome 58
As of Chrome 58 it no longer accepts self-signed certs that rely on Common Name: https://productforums.google.com/forum/#!topic/chrome/zVo3M8CgKzQ;context-place=topicsearchin/chrome/category$3ACanary%...
- 1,737
71
votes
9
answers
262k
views
Convert from P7B to PEM via OpenSSL
On Ubuntu, I cannot convert certificate using openssl successfully.
vagrant@dev:/vagrant/keys$ openssl pkcs7 -print_certs -in a.p7b -out a.cer
unable to load PKCS7 object <blah blah>:PEM
...
- 1,329