OpenSSL
Appearance
OpenSSL is an open source implementation of the TSL cryptographic protocol, and its now-deprecated predecessor, Secure Sockets Layer (SSL) protocol. You can perform some basic operations, such as:
Generate a new self signed Certificate instead of a CSR
openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout private.key -out public.pem
Output a self-signed certificate instead of a certificate request
-nodes
(short for no DES) do not encrypt private key-x509
Output a self-signed certificate instead of a certificate request
Read CSR
openssl req -text -noout -in root.csr
Read certificate (CRT)
openssl x509 -text -noout -in root.crt
Encrypt and decrypt a file[1] (GPG can also be used for encrypting and decrypting files)
Using aes-256-cbc cypher, You will be prompted for a password when encrypting that has to be used for decrypting.[2]
- Encrypt file:
openssl enc -aes-256-cbc -in un_encrypted.data -out encrypted.data
- Use
file
command to verify file type.
file encrypted.data encrypted.data: openssl enc'd data with salted password
- Decrypt file:
openssl enc -d -aes-256-cbc -in encrypted.data -out un_encrypted.data
Activities
[edit | edit source]- Encrypt a file using aes-256-cbc cypher using
openssl enc
command
See also
[edit | edit source]- Installing a web server/Nginx web server
- encfs
- GPG
pbcopy
macOS command