OpenSSL

OpenSSL⚑

Usage⚑

Key⚑

Generate a RSA key⚑

openssl genrsa -out

****: 2048, 4096...

CSR⚑

Get information from a CSR file⚑

openssl req -in -text -noout

(https://www.shellhacks.com/decode-csr/)

Generate a CSR⚑

Generate a key file.
Create a csr.conf file (recommended) with the following contents:

default_bits       = 
default_md         = sha512
default_keyfile    = 
prompt             = no
encrypt_key        = no
distinguished_name = req_distinguished_name
## distinguished_name

countryName            = ""                         # C=
localityName           = ""                         # L=
organizationName       = ""                         # O=
organizationalUnitName = ""                     # OU=
commonName             = ""                     # CN=
emailAddress           = ""     # CN/emailAddress=

3. Generate de CSR file for the key: openssl req -config csr.conf -new -key -out -verbose

(https://medium.com/curiouscaloo/how-to-generate-a-wildcard-cert-csr-with-a-config-file-for-openssl-8a6613ab342f)

Get information about a SSL/TLS certificate⚑

openssl s_client -connect : | openssl x509 -noout -dates