• Security
• ssl

SSL + TLS + OPENssl

• Links: ssl-mitm-HSTS , Linux/OpenSSL , LetsEncrypt , 2017-DNS CAA Resource Record Check

• openssl self signed certificate with SSL key exchange explained

• Online check cert: https://tools.keycdn.com/ssl

• https://wiki.samat.org/CheatSheet/OpenSSL

• Create own cert from http://www.sendmail.org/~ca/email/other/cagreg.html

• Creating a Digicert UTM certificate.
  • Create pkcs12 certificate.

    • openssl pkcs12 -export -inkey user-wild-aes256-4096.key -in Digicert-user_co_za.cer -certfile certs/DigiCertCA.crt -out user-wild-aes256-4096.cer.p12

  • Check pkcs12 certificate.

    • openssl pkcs12 -nokeys -in user-wild-aes256-4096.cer.p12 -passin pass:MySeCrEt | less 

Java keytool

• List keys

  •        keytool -list -v -keystore store.jks

• Export java jks to p12

  •       keytool -importkeystore -srckeystore keystore.jks -destkeystore keystore.p12
    -deststoretype PKCS12 -srcalias <jkskeyalias> -deststorepass <password>
    -destkeypass <password>

openssl export only key or cert

• Export certificate using openssl:

  •       openssl pkcs12 -in keystore.p12  -nokeys -out cert.pem

• Export unencrypted private key:

  •       openssl pkcs12 -in keystore.p12  -nodes -nocerts -out key.pem

...

CategorySecurity