Stone Wiki - linux:webserver:openssl
https://dwiki.heisl.org/
2026-04-19T14:55:51+00:00
Stone Wiki
https://dwiki.heisl.org/
https://dwiki.heisl.org/lib/exe/fetch.php?media=wiki:dokuwiki.svg
-
text/html
2023-10-23T14:12:52+00:00
Anonymous (anonymous@undisclosed.example.com)
check_cert_expire
https://dwiki.heisl.org/doku.php?id=linux:webserver:openssl:check_cert_expire&rev=1698070372&do=diff
Check SSL Cert Expire Date
Expire Date
echo | openssl s_client -showcerts -servername <sniname> -connect <server>:<port> 2>/dev/null | openssl x509 -noout -startdate -enddate
Beispiel:
echo | openssl s_client -showcerts -servername dwiki.heisl.org -connect dwiki.heisl.org:443 2>/dev/null | openssl x509 -noout -startdate -enddate
-
text/html
2021-06-22T12:38:55+00:00
Anonymous (anonymous@undisclosed.example.com)
csr_erstellen
https://dwiki.heisl.org/doku.php?id=linux:webserver:openssl:csr_erstellen&rev=1624365535&do=diff
CSR erstellen
Standard 2019
openssl req -nodes -new -keyout <file.key> -newkey rsa:4096 -sha256 -out <file.csr>
Standard 2021
CSR Config File erstellen
vim heisl.org_20210622.conf
[req]
distinguished_name = req_distinguished_name
req_extensions = v3_req
prompt = no
[req_distinguished_name]
C = AT
ST = Vienna
L = Vienna
O = Heisl
OU = IT
CN = heisl.org
[v3_req]
keyUsage = keyEncipherment, dataEncipherment
extendedKeyUsage = serverAuth
subjectAltName = @alt_names
[alt_names]
DNS.1 = he…
-
text/html
2020-12-05T11:30:34+00:00
Anonymous (anonymous@undisclosed.example.com)
csr_windows_ca_sign
https://dwiki.heisl.org/doku.php?id=linux:webserver:openssl:csr_windows_ca_sign&rev=1607167834&do=diff
CSR in Windows CA Signieren
CSR wird unter Linux erstellt und dann in einer Windows CA signiert.
CSR Erstellen
openssl req -nodes -new -keyout apache_vhost.domain.loc.key -newkey rsa:4096 -sha256 -out apache_vhost.domain.loc.csr
CSR signieren lassen
-
text/html
2024-04-15T12:40:12+00:00
Anonymous (anonymous@undisclosed.example.com)
pem_to_javakeystore
https://dwiki.heisl.org/doku.php?id=linux:webserver:openssl:pem_to_javakeystore&rev=1713184812&do=diff
Java Keystore erstellen aus PEM
openssl pkcs12 -export -in cert.pem -out server.keystore -name "Certname"
-
text/html
2024-04-15T12:38:42+00:00
Anonymous (anonymous@undisclosed.example.com)
pkcs12_to_pem
https://dwiki.heisl.org/doku.php?id=linux:webserver:openssl:pkcs12_to_pem&rev=1713184722&do=diff
pkcs12 zu pem
PKCS12 das auch mit PW geschützt ist soll danach ein PEM sein ohne PW
Export vom Cert
openssl pkcs12 -clcerts -nokeys -in "YourPKCSFile" -out certificate.crt -password pass:PASSWORD -passin pass:PASSWORD
Export vom CA Cert
openssl pkcs12 -cacerts -nokeys -in "YourPKCSFile" -out ca-cert.ca -password pass:PASSWORD -passin pass:PASSWORD