Updated on September 9, 2020 at 12:23 am
I’m currently in the middle of some IoT (Internet of Things) research and thought I would post some openssl commands that come in handy for such research.
- Getting the certificate serial number comes in handy for plugging it into search engines such as Shodan for example.
- openssl x509 -in /etc/ssl/certs/xyz.crt -serial -noout
- Generating the public key for both the certificate and private key and comparing the results.
- openssl x509 -pubkey -noout -in etc/ssl/certs/cert.pem
- openssl rsa -in etc/ssl/certs/key.pem -pubout
- Getting the fingerprint of a certificate.
- openssl x509 -in etc/ssl/certs/cert.pem -fingerprint -sha1
- openssl x509 -in etc/ssl/certs/cert.pem -fingerprint -sha256
- Generate the modulus, hashing it and then comparing the results from both the certificate and the private key.
- openssl x509 -noout -modulus -in etc/ssl/certs/cert.pem | openssl md5
- openssl rsa -noout -modulus -in etc/ssl/certs/key.pem | openssl md5