Ssl: Difference between revisions
Jump to navigation
Jump to search
>Homaar No edit summary |
No edit summary Tags: Reverted Visual edit |
||
| Line 1: | Line 1: | ||
== Remove password from key == | |||
<code>openssl rsa -in original.key -out new.key</code> | |||
== OpenSSL Zertifikat auf der Commandline prüfen== | == OpenSSL Zertifikat auf der Commandline prüfen== | ||
<pre> | <pre> | ||
Revision as of 07:55, 27 August 2023
Remove password from key
openssl rsa -in original.key -out new.key
OpenSSL Zertifikat auf der Commandline prüfen
openssl s_client -connect google.com:443 | openssl x509 -text oder s_client -connect hostname:443 -CApath /etc/ssl/certs
- Wichtig: Der Pfad zu den Root Zertifikaten muss stimmen!
Passwort generieren
PASSWORD=$(openssl rand -base64 8 )
Check Cert
ssl-cert-check -c file.crt
# cat check-ssl-cert.sh
CERT=`cat /usr/ssl/cert-check-list`
CERT=($CERT)
for ((i=0; i<${#CERT[*]}; i++)) do
ssl-cert-check -e systemcheck@smt.de -q -a -c /usr/ssl/newcerts/${CERT[i]} -x 15
#ssl-cert-check -c /usr/ssl/newcerts/${CERT[i]}
done
SSL für Apache
mkdir /etc/apache2/myssl cd /etc/apache2/myssl openssl req -new > server.cert.csr openssl rsa -in privkey.pem -out server.cert.key openssl x509 -in server.cert.csr -out server.cert.crt -req -signkey server.cert.key -days 365 nano /etc/apache2/ports.conf nano /etc/apache2/httpd.conf a2enmod ssl /etc/init.d/apache2 force-reload
delete rsa key password
openssl rsa -in key_with_pw -out key chmod 600 key