Thursday, May 27, 2010

OpenSSL: Love At Last

No... Not even close. It is so counter-intuitive, needlessly complicated, and maddeningly confusing that it forces me to cheat.

Determine a website's SSL cert expiration date:
echo "" | openssl s_client -connect mail.google.com:443 \
  2> /dev/null | openssl x509 -noout -text | \
  grep After

Verify a file is a key:
openssl rsa -noout -check -in localhost.xxx

Find a key file that is mislabeled:
# read one path per line so names containing spaces survive
find . -type f | while IFS= read -r J; do echo "$J"; \
  openssl rsa -noout -text -in "$J" 2> /dev/null | grep Pri; \
done

Verify a file is a certificate:
openssl x509 -noout -in localhost.xxx -enddate

Find a cert file that is mislabeled:
# read one path per line so names containing spaces survive
find . -type f | while IFS= read -r J; do echo "$J"; \
  openssl x509 -noout -enddate -in "$J" 2> /dev/null; \
done

Verify the key matches the cert:
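# -n guards against a false "yes" when both commands fail and print nothing
K=`openssl rsa -noout -modulus -in localhost.key`
C=`openssl x509 -noout -modulus -in localhost.crt`
[ -n "$K" ] && [ "$K" = "$C" ] && echo yes || echo no
(Remember that those are backticks.)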

View a PKCS12 binary file (-nodes prints the private key unencrypted):
openssl pkcs12 -info -nodes -in localhost.p12
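
The file checks above combined into one script, as an added example that is not part of the original post: it classifies files by content rather than name, pairs each private key with its certificate by comparing public keys (which goes beyond the RSA-only modulus comparison), and tests expiry with -checkend. The function names are this example's own, and encrypted keys are reported as "unknown" because an empty passphrase is supplied to avoid prompts.

```shell
#!/bin/sh
# Added example: function names below are this example's own, not OpenSSL's.

# pem_kind FILE -> prints "cert", "key" or "unknown", judged by content, not name.
# An empty passphrase is supplied so encrypted keys never prompt; they show as "unknown".
pem_kind() {
  if openssl x509 -noout -in "$1" >/dev/null 2>&1; then echo cert
  elif openssl pkey -noout -in "$1" -passin pass: >/dev/null 2>&1; then echo key
  else echo unknown
  fi
}

# pub_pem key|cert FILE -> prints the public key (SubjectPublicKeyInfo PEM).
pub_pem() {
  case $1 in
    key)  openssl pkey -in "$2" -pubout -passin pass: 2>/dev/null ;;
    cert) openssl x509 -in "$2" -pubkey -noout 2>/dev/null ;;
    *)    return 2 ;;
  esac
}

# key_matches_cert KEY CERT -> succeeds only if both parse and the public keys are equal.
# Requiring a non-empty key avoids a false "yes" when both files are unreadable.
key_matches_cert() {
  kpub=$(pub_pem key "$1") && cpub=$(pub_pem cert "$2") &&
    [ -n "$kpub" ] && [ "$kpub" = "$cpub" ]
}

# cert_valid_for CERT DAYS -> succeeds if CERT is still valid DAYS days from now.
cert_valid_for() {
  openssl x509 -noout -in "$1" -checkend "$(( $2 * 86400 ))" >/dev/null 2>&1
}

# pair_dir DIR -> prints "KEYFILE -> CERTFILE" for every matching pair under DIR.
pair_dir() {
  find "$1" -type f | while IFS= read -r keyf; do
    [ "$(pem_kind "$keyf")" = key ] || continue
    find "$1" -type f | while IFS= read -r certf; do
      if [ "$(pem_kind "$certf")" = cert ] && key_matches_cert "$keyf" "$certf"; then
        echo "$keyf -> $certf"
      fi
    done
  done
}

# Usage: sh thisfile.sh DIR
if [ "$#" -gt 0 ]; then pair_dir "$1"; fi
```

Only public keys are compared and printed, so the output can be pasted into a ticket without exposing key material.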
