• about
• apt
• arduino
• autoconf
• awk
• aws
• bind
• c++
• cassandra
• chef
• chromium
• common-lisp
• cron
• curl
• daemontools
• diff
• docker
• dtrace
• emacs
• exiftool
• forth
• git
• glibc
• haproxy
• hipchat
• ld
• lisp
• llvm
• logrotate
• lsof
• man
• mdadm
• memcached
• minicom
• mod security
• mtr
• mutt
• mysql
• nasm
• ncdu
• netstat
• nginx
• nmap
• nss
• offlineimap
• openldap
• operations checklist
• oracle ilom
• osslsigncode
• pacman
• patch
• phusion passenger
• pkgin
• pkitool
• procedural content generation
• procfs
• qemu
• qmake
• rabbitmq
• radare2
• rinetd
• rpm
• rsync
• ruby
• rust
• scheme
• sed
• ssh
• strace
• stunnel
• sudo
• sysbench
• tangle
• tar
• tcpdump
• telnet
• tmux
• transport layer security
• vim
• wget
• windows
• yum
• zfs
• american fuzzy lop
• android
• apache http server
• apache spark
• apk alpine
• arp
• ascii art
• bash
• binary coded decimal
• binary hacks
• binary visualization
• blackberry
• books
• c
• cisco
• cobol
• concepts
• console fun
• core war
• couchdb
• cvs
• databases
• data structures
• debugging
• demoscene tricks
• dns
• email
• epub files
• firefox
• flynns taxonomy
• fortran
• gcc
• gdb
• github
• gnome
• gnu screen
• go
• gocd
• google
• gpg
• graphviz
• grub
• hardware
• heroku
• http
• imagemagick
• ios (apple)
• java
• journal
• kafka
• kotlin
• kubernetes
• latex
• linux
• lldb
• lua
• lvm
• macos
• makefile
• mesos
• meta
• microsoft - excel
• ml
• mongodb
• multimedia
• Mutt
• nagios
• networking
• nfs
• node.js
• objective-c
• odbc
• openbsd
• openpgp
• openssl
• openvpn
• operating systems
• orientdb
• people
• perl
• phones
• php
• postfix
• postgresql
• pretotyping
• processors
• prolog
• python
• reconnoiter
• red hat
• refactorings
• restructuredtext
• riak
• samba
• scapy
• sdl
• security
• smalltalk
• smartos
• solaris
• sphinx
• spinnaker
• sql
• sqlite
• supercomputers
• svn
• swift
• systrace
• tcl
• tcp wrappers
• telcos
• tensorflow
• terraform
• to do
• tvos (apple)
• unix
• vagrant
• vault
• veles
• virtualbox
• virtual reality
• vnc
• watchos
• weberp
• Web Programming
• web programming
• web services
• wise installer
• xml
• x windows
• zookeeper

OpenSSL

RSA key processing

# Generate a private key
openssl genrsa -out private_key.pem 2048
# Make a new public key
openssl rsa -pubout -in private_key.pem -out public_key.pem
# Get info on private key
openssl rsa -text -in private_key.pem

Generate Certificate Signing Request

::

openssl req -new -key private_key.pem -out cert.csr

Self-sign a certificate

::

openssl req -x509 -key private_key.pem -in cert.csr -out cert.crt

Get certificate details

::

openssl x509 -in certificate.crt -text -noout

Create a CA

# Create a root CA key
openssl genrsa -out rootCA.key 2048
# Create a self-signed CA certificate
openssl req -x509 -new -nodes -key rootCA.key -sha256 -days 365 -out rootCA.pem
# Sign a request
openssl x509 -req -in request.csr -CA rootCA.pem -CAkey rootCA.key -CAcreateserial -out requested.crt -days 500 -sha256

Cross-signing certs with multiple CA's

• subject field must be identical
• keys must be identical

Testing an SNI certificate

openssl s_client -servername example.com -connect example.com:443