- HTTPS server banner:
openssl s_client -connect:IPAddress:443
after connection is established, type in “HEAD / HTTP/1.0” and press enter.
Alternative:echo -e "HEAD / HTTP/1.0\n\n" | openssl s_client -quiet -connect IPAddress:443
- NTTPS server banner
openssl s_client -connect:IPAddress:563
- IMAPS server banner:
openssl s_client -connect:IPAddress:993
- POP3S server banner:
openssl s_client -connect:IPAddress:995
- Identifying SSL cyphers:
openssl s_client -connect website:443 -cipher EXPORT40 openssl s_client -connect website:443 -cipher NULL openssl s_client -connect website:443 -cipher HIGH
- Generating password hash four unix:
openssl passwd -1 -salt QIGCa pippo
output: $1$QIGCa$/ruJs8AvmrkmzKTzM2TYE.
- Converting a PKCS12-encoded (or .pfx) certificate to PEM format:
openssl pkcs12 -in CertFile.p12 -out NewCertFile.pem -nodes. -cacerts
- Converting a DER-encoded certificate to PEM format:
openssl x509 -in CertFile.crt. -inform DER -out NewCertName.pem -outform PEM
- Download a proxy’s public certificate:
openssl s_client-connect ProxyHostname:port proxycert.pem
- Create a key:
openssl genrsa -des3 -out server.key 1024
- Create a CSR (certificate signing request):
openssl req -new -key server.key -out server.csr
- Remove a password from a key:
cp server.key server.key.org openssl rsa -in server.key.org -out server.key
- Sign the CSR and create the certificate:
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt cat server.crt server.key > certificate.pem
- Encrypting a file:
cat INFILE | openssl aes-256-ecb -salt -k PASSWORD > INFILE.ssl
- Decrypting a file:
cat INFILE.ssl | openssl aes-256-ecb -d -k PASSWORD > INFILE