Using OpenSSL involves executing commands in the terminal to perform various cryptographic operations. Here’s a concise guide on how to use OpenSSL for common tasks:
1. Check OpenSSL Version
To verify that OpenSSL is installed and check its version, use:
openssl version2. Generate a Private Key
To create a new RSA private key:
openssl genpkey -algorithm RSA -out private_key.pem -pkeyopt rsa_keygen_bits:20483. Create a Public Key
From the private key, generate a corresponding public key:
openssl rsa -pubout -in private_key.pem -out public_key.pem4. Create a Certificate Signing Request (CSR)
To generate a CSR for obtaining an SSL certificate:
openssl req -new -key private_key.pem -out request.csrYou will be prompted to enter information about your organization.
5. Self-Signed Certificate
To create a self-signed certificate:
openssl req -x509 -new -nodes -key private_key.pem -sha256 -days 365 -out certificate.crt6. Encrypt a File
To encrypt a file using AES-256-CBC:
openssl enc -aes-256-cbc -salt -in plaintext.txt -out encrypted.txt -pass pass:yourpassword7. Decrypt a File
To decrypt the previously encrypted file:
openssl enc -d -aes-256-cbc -in encrypted.txt -out decrypted.txt -pass pass:yourpassword8. Hash a File
To generate a SHA-256 hash of a file:
openssl dgst -sha256 filename.txt9. Test SSL/TLS Connection
To test a secure connection to a server:
openssl s_client -connect example.com:443Further Learning
For more detailed operations and options, you can access the OpenSSL manual by typing:
man opensslAdditionally, consider exploring practical labs or tutorials that focus on specific OpenSSL functionalities to enhance your understanding. If you have any specific tasks in mind or need further clarification, feel free to ask!
