Here's a preview from my zine, Bite Size Networking!! If you want to see more comics like this, sign up for my saturday comics newsletter or browse more comics!
get the zine!
read the transcript!
openssl is a tool for doing SSL things
(aka TLS)
- inspect certificates
- create CSRs
- sign certificates
It uses the OpenSSL library (or LibreSSL)
inspect a certificate
$ openssl x509 -in
FILE.crt -noout -text
This works for files ending in .crt or .pem! Try it out:
you probably have certs in usr/share/ca-certificates
look at a website’s certificate
$openssl s_client
-showcerts -connect
google.com:443
happy little stick figure with curly hair: pipe this to openssl x509 to parse!
panel 4
certificate authority, represented by a box with a neutral expression: please upload a CSR
person: a WHAT?!
to get a SSL cert for your website, you need to make a file called a “certificate signing request.”
make a CSR
$ openssl req -new
-sha256 -key FILE.key
-out FILE.csr
make a FILE.key with $ openssl genrsa
md5/sha1/sha25b/sha512
Not quite SSL but useful:
$openSSL md5 FILE
computes the md5sum of FILE. Same for other digests
$ openssl LIST -digestcommands shows all supported digests.