Commonly used openssl commands are as follows:
Check a certificate
openssl x509 -in certificate_name -text -noout
Get all certificates from a server
openssl s_client -connect host:ssl_port -showcerts
Convert a DER format certificate to PEM format
openssl x509 -inform der -in path_to_DER_certificate -out path_to_PEM_certificate
Convert a .pfx file to a JKS store
keytool -importkeystore -srckeystore path_to_.pfx_file -srcstoretype pkcs12 -destkeystore path_to_the_jks_file -deststoretype JKS -srcstorepass pfx_passwd -deststorepass pfx_passwd
Convert a .jks file to PKCS12 format
keytool -importkeystore -srckeystore path_to_.jks_file -destkeystore full_path_to_.p12_file-srcstoretype JKS - deststoretype PKCS12 -deststorepass pkcs12_store_password
Extract a private key from a .pfx file
openssl pkcs12 -info -in path_to_.pfx_file -nodes -nocerts -out private_key_file_name
Extract a public certificate from a .pfx file
openssl pkcs12 -in path_to_.pfx_file -out path_to_certificate_file -nokeys
No comments:
Post a Comment