NCSA CyberSecurity: Useful OpenSSL Commands

Note: For printing purposes, you can SHOW ALL or HIDE ALL Instructions.

OpenSSL is a very powerful cryptography utility, perhaps a little too powerful for the average user. With all the different command line options, it can be a daunting task figuring out how to do exactly what you want to do. Here are several common tasks you may find useful. Note that some commands may require version 0.9.8a and above.

Creating Certificates

Generate A Certificate Signing Request
In order to get an SSL certificate and key (for use by an httpd server, for example), you must first create a Certificate Signing Request (CSR). The CSR can be sent to a commercial Certificate Authority (CA) which will then return an SSL certificate. Alternatively, you can be your own CA and use the CSR to create a self-signed certificate. Here is a typical openssl command and the resulting interactive session:
```
> openssl req -new -newkey rsa:1024 -keyout hostkey.pem -nodes -out hostcsr.pem
Generating a 1024 bit RSA private key
........++++++
........++++++
writing new private key to 'hostkey.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:Illinois
Locality Name (eg, city) []:Urbana
Organization Name (eg, company) [Internet Widgits Pty Ltd]:NCSA
Organizational Unit Name (eg, section) []:Security Research Division
Common Name (eg, YOUR name) []:Terry Fleury
Email Address []:tfleury@ncsa.uiuc.edu

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
>
```
First, an explanation of the command line options:
- -new - generate a new CSR
- -newkey rsa:1024 - generate a new private key of type RSA of length 1024 bytes. If you had previously generated a private RSA key (by using the "openssl genrsa" command, for example) and would like to use it rather than generating a new key, you can use the -key FILENAME option to read in your extisting key. Also, you can change the length of the key if you want. The minimum should be 512. Many people like to use 2048 for a more secure key.
- -keyout hostkey.pem - write out the newly generated RSA private key to the file hostkey.pem. You will want to save this file since it is needed when you get the SSL certificate.
- -nodes - an optional parameter NOT to encrypt the private key. This is useful when your web server starts automatically, say at boot time. If your private key is encrypted, you would be required to enter a password everytime your web server restarted. You could also omit this option to create an encrypted key and then later remove the encryption from the key.
- -out hostcsr.pem - write out the CSR to the file hostcsr.pem. This is the file you will submit to your commercial SLL provider, or use when creating a self-signed certificate.
Next, an explanation of the interactive session.
At each prompt, you will see brackets ([ ]) which may or may not contain text. That text is the default option for that prompt. If you simply hit the <ENTER> key at this point without typing any text, the text in the brackets will be used. If there is text in the brackets that you DON'T want (i.e. you want to erase the text for that prompt), type a period (.) and then hit <ENTER>. Note that you cannot have all fields be empty.
Note: If you are planning on using this CSR to create a self-signed certificate, then at the prompt "Common Name (eg, YOUR name) []:", enter the fully qualified domain name (FQDN) of your web server. This will prevent a "domain name mismatch" error box from appearing when clients connect to your web site.
At the end of the session, you are prompted for 'extra' attributes. I typically leave these blank (i.e. type <ENTER>) as they are ignored by OpenSSL's request signing utilities, but some CAs may want them.
Create A Self-Signed Certificate From A Certificate Signing Request
Once you have created a Certificate Signing Request (CSR), you can create a self-signed certificate from it. A self-signed certificate does not give the security guarantees provided by a certificate signed by a commercial CA. But it will allow you to provide a secure https connection to your web site. Clients will see a warning message stating that your site's identity cannot be verified and thus is not a "trusted site". Clients have the option of accepting the certificate for the session and all subsequent https:// connections with the site will be secure.
Assuming you had generated your CSR and private key using the method shown above, you can create a self-signed certificate with the following openssl command:
```
openssl req -x509 -days 365 -in hostcsr.pem -key hostkey.pem -out hostcert.pem
```
Here's and explanation of the command line options:
- -x509 - output a self-signed certificate rather than a CSR.
- -days 365 - make the self-signed certificate valid for one year.
- -in hostcsr.pem - read in the CSR from the file hostcsr.pem.
- -key hostkey.pem - read in the private key from the file hostkey.pem.
- -out hostcert.pem - write out the self-signed certificate to the file hostcert.pem.
Generate A Self-Signed Certificate From Scratch
If you know that you only want a self-signed certificate (not one signed by a Certificate Authority (CA)), you can generate a self-signed certficate without first having to generate a Certificate Signing Request (CSR). A self-signed certificate does not give the security guarantees provided by a certificate signed by a commercial CA. But it will allow you to provide a secure https connection to your web site. Clients will see a warning message stating that your site's identity cannot be verified and thus is not a "trusted site". Clients have the option of accepting the certificate for the session and all subsequent https:// connections with the site will be secure.
Here is a typical openssl command and the resulting interactive session when generating a self-signed certificate:
```
> openssl req -x509 -days 365 -newkey rsa:1024 -keyout hostkey.pem -nodes -out hostcert.pem
Generating a 1024 bit RSA private key
........++++++
........++++++
writing new private key to 'hostkey.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:US
State or Province Name (full name) [Some-State]:Illinois
Locality Name (eg, city) []:Urbana
Organization Name (eg, company) [Internet Widgits Pty Ltd]:NCSA
Organizational Unit Name (eg, section) []:Security Research Division
Common Name (eg, YOUR name) []:www.ncsa.uiuc.edu
Email Address []:webmaster@ncsa.uiuc.edu
>
```
First, an explanation of the command line options:
- -x509 - generate a self-signed certificate rather than a CSR.
- -days 365 - make the self-signed certificate valid for one year.
- -newkey rsa:1024 - generate a new private key of type RSA of length 1024 bytes. If you had previously generated a private RSA key (by using the "openssl genrsa" command, for example) and would like to use it rather than generating a new key, you can use the -key FILENAME option to read in your extisting key. Also, you can change the length of the key if you want. The minimum should be 512. Many people like to use 2048 for a more secure key.
- -keyout hostkey.pem - write out the newly generated RSA private key to the file hostkey.pem. You will want to save this file since it is needed when you use the SSL certificate.
- -nodes - an optional parameter NOT to encrypt the private key. This is useful when your web server starts automatically, say at boot time. If your private key is encrypted, you would be required to enter a password everytime your web server restarted. You could also omit this option to create an encrypted key and then later remove the encryption from the key.
- -out hostcert.pem - write out the self-signed certificate to the file hostcert.pem.
Next, an explanation of the interactive session.
At each prompt, you will see brackets ([ ]) which may or may not contain text. That text is the default option for that prompt. If you simply hit the <ENTER> key at this point without typing any text, the text in the brackets will be used. If there is text in the brackets that you DON'T want (i.e. you want to erase the text for that prompt), type a period (.) and then hit <ENTER>. Note that you cannot have all fields be empty.
Note: Since you are creating a self-signed certificate for use by a web server, at the prompt "Common Name (eg, YOUR name) []:", enter the fully qualified domain name (FQDN) of your web server. This will prevent a "domain name mismatch" error box from appearing when clients connect to your web site.

Viewing Certificates

View The Contents Of A Certificate Signing Request

Once you have created a Certificate Signing Request (CSR), you can look at the contents of the file using a text editor. But you will only see a block of PEM-encoded text such as this:

If you want to see the actual entries for this file, you can view the contents as text. Here's is a typical openssl command and the resulting output:

> openssl req -text -noout -in hostcsr.pem
Certificate Request:
    Data:
        Version: 0 (0x0)
        Subject: C=US, ST=Illinois, L=Urbana, CN=Terry Fleury
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):
                    00:a8:fc:3a:1d:fe:c1:a2:09:2b:e2:f8:e5:76:f7:
                    97:f7:78:b3:0c:cc:f2:a7:36:34:0a:69:b5:69:18:
                    fd:f1:d9:b5:47:62:e2:53:4b:3e:54:9a:af:43:b6:
                    c6:81:50:c1:d5:83:04:82:78:28:df:24:0b:5a:38:
                    d1:11:9c:92:a0:ef:28:b2:cb:79:1d:1e:0c:58:7a:
                    a8:68:a8:3a:09:92:a6:63:a0:df:9b:38:86:46:94:
                    6b:39:e6:47:b9:02:a1:58:75:e2:1a:4c:07:20:73:
                    16:4c:99:e6:19:4d:d6:78:9f:47:02:bc:b1:df:73:
                    24:ee:29:c1:a6:b5:6b:17:fb
                Exponent: 65537 (0x10001)
        Attributes:
            a0:00
    Signature Algorithm: sha1WithRSAEncryption
        55:47:a5:71:f1:a5:82:eb:3f:39:a4:d9:82:87:8f:12:67:2f:
        5f:82:e9:f2:87:c4:e2:c1:0b:6c:cf:2c:83:dc:62:5f:2c:3a:
        c9:0d:de:d9:3d:c7:b1:8a:c9:9c:e5:14:26:48:0e:9c:be:f3:
        c0:3a:f6:f4:84:35:74:6f:92:72:35:ca:7f:18:01:be:bd:a3:
        9f:07:4d:6d:7d:b4:62:02:f2:b7:c8:6d:e8:d8:94:13:bb:50:
        df:7c:c3:71:21:a8:8b:e5:76:3b:14:96:a5:b4:47:9c:e9:7a:
        94:67:51:76:1d:c0:d4:b4:23:c2:93:3b:67:95:63:9e:03:55:
        7d:63
>

Here's an explanation of the command line options:

-text - view the contents of the CSR as plain text.
-noout - do not output the PEM-encoded version of the CSR.
-in hostcsr.pem - read in the CSR from the file hostcsr.pem.

View The Contents Of A Certificate

Once you have a certificate, either a self-signed one or one signed by a third-party Certificate Authority (CA), you may want to view the contents of the certificate. If you simply look at the file with a text editor, you will only see a block of PEM-encoded text such as this:

If you want to see the actual entries for this file, you can view the contents as text. Here's is a typical openssl command and the resulting output:

> openssl x509 -text -noout -in hostcert.pem
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            fc:e7:90:e6:be:cd:e7:8b
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=US, ST=Illinois, L=Urbana, O=NCSA, OU=Security Research Division, 
                CN=www.ncsa.uiuc.edu/emailAddress=webmaster@ncsa.uiuc.edu
        Validity
            Not Before: Mar  1 19:30:31 2006 GMT
            Not After : Mar  1 19:30:31 2007 GMT
        Subject: C=US, ST=Illinois, L=Urbana, O=NCSA, OU=Security Research Division,
                 CN=www.ncsa.uiuc.edu/emailAddress=webmaster@ncsa.uiuc.edu
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):
                    00:b2:f3:ff:40:7e:29:78:0b:ec:2f:15:d9:b6:a7:
                    bc:3a:b1:0b:19:a2:55:c9:43:52:74:ed:50:f2:48:
                    2a:20:b9:70:a2:ea:c0:91:fc:0c:89:12:bf:44:ea:
                    33:f7:e7:41:6c:80:5a:0c:9f:87:74:aa:19:01:6f:
                    a2:70:73:32:6d:25:13:e9:85:92:2f:5d:38:b4:ae:
                    b3:b3:66:97:b4:c9:31:75:ec:d5:9c:73:95:d7:9f:
                    d3:3c:31:b4:76:8d:2f:7b:a6:32:76:03:27:25:bc:
                    e8:06:37:f9:d8:21:d1:29:05:f1:8a:27:47:0b:42:
                    be:74:ac:11:00:bb:e1:92:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                0F:54:DA:9E:36:1D:1E:B8:C4:82:B7:B8:AF:53:AA:CB:81:62:4A:2B
            X509v3 Authority Key Identifier: 
                keyid:0F:54:DA:9E:36:1D:1E:B8:C4:82:B7:B8:AF:53:AA:CB:81:62:4A:2B
                DirName:/C=US/ST=Illinois/L=Urbana/O=NCSA/OU=Security Research Division/
                        CN=www.ncsa.uiuc.edu/emailAddress=webmaster@ncsa.uiuc.edu
                serial:FC:E7:90:E6:BE:CD:E7:8B

            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha1WithRSAEncryption
        07:ea:e7:68:38:a0:c5:45:b7:3a:79:da:93:19:7a:fc:68:bf:
        d1:f2:24:da:6e:58:73:8f:ef:2e:d6:1e:6b:98:ce:28:03:cb:
        9b:ce:a8:98:0f:92:2d:f0:de:19:1d:a6:b2:0a:28:86:f9:ed:
        43:f0:7c:46:71:ad:6e:16:c2:49:56:96:57:18:57:6f:f4:d3:
        2b:59:f6:d7:f9:1a:b7:86:84:cf:80:18:a3:99:ce:ff:9f:0d:
        00:6d:cc:ba:f8:4f:84:ce:8e:94:0e:1e:d7:1e:89:1d:49:78:
        d3:55:1c:bf:98:e7:77:17:6c:fe:aa:2a:1d:13:62:7f:31:55:
        01:f7
>

Here's an explanation of the command line options:

-text - view the contents of the certificate as plain text.
-noout - do not output the PEM-encoded version of the certificate.
-in hostcert.pem - read in the certificate from the file hostcert.pem.

View The Signer Of A Certificate
(Note: This requires OpenSSL version 0.9.8a or higher.) You may want to find out what Certificate Authority (CA) signed a particular certificate. OpenSSL terms this CA as the "issuer". You can view the issuer of a certificate, and you can also view the hash of the issuer. The hash is useful if you have named your certificates with their hash value. You could then quickly match the issuer hash with the certificate hash file name. Here's an openssl command to output this information:
```
> openssl x509 -in cert.pem -noout -issuer -issuer_hash
issuer= /C=US/ST=Illinois/L=Urbana/O=NCSA/CN=www.ncsa.uiuc.edu/emailAddress=webmaster@ncsa.uiuc.edu
be7cee67
>
```
Here's an explanation of the command line options:
- -in cert.pem - read in the certificate in question from the file cert.pem.
- -noout - do not output the PEM-encoded version of the certificate.
- -issuer - output the issuer's Distinguished Name (DN).
- -issuer_hash - output the hash of the certificate issuer's name. (Option available in version 0.9.8a and above.)
Note that this command only gives you the entity that signed this certificate. It does NOT give you the root CA, since a certificate chain can contain many entities. To get to the root CA, you have to keep running this command on the "issuer" until you find a self-signed certificate (i.e. the "issuer" equals the "subject").

Verify A Certificate Matches A Private Key

When you create a certificate, you need a private key during creation. Optionally, you can create the key at the same time as the certificate. In either case, you may one day forget which key was used to create a particular certificate. You can figure this out by comparing the modulus of the certificate with the modulus of the key. Since the certificate is an X.509 PEM formatted file and the private key is an RSA PEM formatted file, you would run the following two commands and compare their output. (Note that linebreaks have been added to the Modulus output to make this page easier to read.)

> openssl x509 -in cert.pem -noout -modulus
Modulus=D44108D18FC92D916D8BA787EFBB43C1B7CE9BD38DB00C7A1AAE3750CB22D62EB3D5E4DF
09227A8926B96F90E1C34819E5EE6EEB466AE693D9AB10811AB8DDAB74A308B5FD6775D06D5F25DF
E97B8680450F3D3215679D5E5348CE6CB340699E5A355A3E0315877BD8CB9B3A0C8A4FADB8EACFB6
14BA6D0518CAEC946FAE8B6D7FCFDB0D6A211B7EB2C8D27D5F02B2AB8FB023B8F5783D44E94BE804
7B6DFE0CB11333B90919C550B93F0D032BF3DF3DDF7AA3B9CBAFC7B685C9537E984291690AA1121A
106D36627D56E65773ECEF63A55934D40102DE6863F3E292EE8E9F06619DAB71FD22E1039F5C9F48
BC180123877213A21070BC8875F3C2242A6E3923

> openssl rsa -in key.pem -noout -modulus
Modulus=D44108D18FC92D916D8BA787EFBB43C1B7CE9BD38DB00C7A1AAE3750CB22D62EB3D5E4DF
09227A8926B96F90E1C34819E5EE6EEB466AE693D9AB10811AB8DDAB74A308B5FD6775D06D5F25DF
E97B8680450F3D3215679D5E5348CE6CB340699E5A355A3E0315877BD8CB9B3A0C8A4FADB8EACFB6
14BA6D0518CAEC946FAE8B6D7FCFDB0D6A211B7EB2C8D27D5F02B2AB8FB023B8F5783D44E94BE804
7B6DFE0CB11333B90919C550B93F0D032BF3DF3DDF7AA3B9CBAFC7B685C9537E984291690AA1121A
106D36627D56E65773ECEF63A55934D40102DE6863F3E292EE8E9F06619DAB71FD22E1039F5C9F48
BC180123877213A21070BC8875F3C2242A6E3923

In this case, the two moduli are the same, thus the key.pem file was used to generate the cert.pem file.

If you are running bash you can run the following test to easily see if the two moduli are the same:

if [ "`openssl x509 -in cert.pem -noout -modulus`" = \
     "`openssl rsa -in key.pem -noout -modulus`" ]; \
     then echo "Match"; else echo "Different"; fi

Find The Hash Value Of A Certificate
Many OpenSSL commands have a command line option "-CApath" for specifying a directory of trusted Certificate Authorities (CAs) used during certificate verification. However, the trusted certificates in this directory must be named "HASHVAL.0" where HASHVAL is the "hashed certificate subject name". To find this value, run the following openssl command:
```
> openssl x509 -noout -hash -in cert.pem
be7cee67
>
```
You would then rename the file cert.pem to be7cee67.0 and place it in the directory you specify for the "-CApath" option. Note that if you are on a *nix box, you can alternatively create a symbolic link to the cert.pem file using this hash value (with ".0" for filename extension) as link name. To do this, you would run the following command:
```
> ln -s cert.pem `openssl x509 -noout -hash -in cert.pem`.0
>
```

Proxy Certificates

Allow Proxy Certificates For Client Verification
While OpenSSL 0.9.7g and above provides for the creation of proxy certificates, you cannot actually use proxy certificates for client verification unless you set the environment variable "OPENSSL_ALLOW_PROXY_CERTS" to a non-empty value. Here's how to do this in three different environments.
When using csh:
```
setenv OPENSSL_ALLOW_PROXY_CERTS 1
```
When using bash:
```
export OPENSSL_ALLOW_PROXY_CERTS=1
```
When using Windows command-shell cmd.exe:
```
set OPENSSL_ALLOW_PROXY_CERTS=1
```
Generate A Certificate Signing Request For A Proxy Certificate
A proxy certificate is similar to a client (user) certificate. Actually it IS a client certificate, however rather than having a Certificate Authority (CA) sign the Certificate Signing Request (CSR), YOU act as the CA and use your user certificate to sign the CSR. To generate a CSR for a proxy certificate, you first need to download and save this CSR configuration file to your hard drive by right-clicking on the link and selecting "Save As...". Next, you need to get the subject field of the certificate you plan on using to sign the CSR (e.g. your user certificate) since this field must be identical in the proxy certificate, with the addition of a random number. Here's a typical openssl command to output the subject of a certificate:
```
> openssl x509 -subject -noout -in cert.pem
subject= /C=US/O=NCSA/CN=Terry Fleury/emailAddress=tfleury@ncsa.uiuc.edu
>
```
Here's an explanation of the command line options:
- -subject - output only the subject of the input certificate.
- -noout - do not generate a new certificate.
- -in cert.pem - read in the X509 PEM certificate from the file cert.pem.
When you create your CSR, each field MUST be identical to that of the subject output above. Here's a typical openssl command to create a proxy certificate CSR and resulting interactive session:
```
> openssl req -new -config csr.conf -out proxy.csr -keyout proxykey.pem
Generating a 512 bit RSA private key
.....++++++++++++
..++++++++++++
writing new private key to 'proxykey.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name "C" (2 letter code) []:US
State Name "ST" (full name) []:
Locality Name "L" (eg, city) []:
Organization Name "O" (eg, company) []:NCSA
Organizational Unit Name "OU" (eg, section) []:
Common Name "CN" (eg, YOUR name) []:Terry Fleury
Email Address []:tfleury@ncsa.uiuc.edu
Common Name "CN" (unique 8 digit number) []:73052638
>
```
First, an explanation of the command line options:
- -new - generate a new CSR for a proxy certificate.
- -config csr.conf - read in the CSR configuration file you downloaded from the link above. This file is specially designed to create CSRs for proxy certificates.
- -out proxy.csr - write out the CSR for the proxy certificate to the file proxy.csr.
- -keyout proxykey.pem - write out the private key for the proxy certificate to the file proxykey.pem.
Next, an explanation of the session and some specifics to keep in mind:
- When you found the subject of the certificate you plan on using to sign the proxy CSR, you saw several "key=value" entries separated by a slash ('/'). Each "key" corresponds to a prompt when creating the CSR. The "value" is what you should enter for that "key". For example, "C=US", means that when prompted for 'Country Name "C"', you should enter "US". It is very important that all key/value pairs in your certificate subject are the same as what you enter when generating your proxy CSR.
- If there is no key/value pair for a particular prompt, then that field should be left blank. Simply type <ENTER> to bypass that prompt.
- The final prompt asks you to enter a random 8 digit number. You can use any number you like. (Actually, you can use any string you like.) This value gets appended to the proxy certificate's subject so as to make it distinct from the subject of the client certificate used to sign the proxy.
Create A Proxy Certificate From A Certificate Signing Request
Once you have created a Certificate Signing Request (CSR) using the process above, you need to act as a Certificate Authority (CA) and sign this CSR with a certificate, possibly your user certificate. Sign the CSR using the appropriate certificate as the CA with the following openssl command:
```
openssl x509 -req -md5 -CAcreateserial -in proxy.csr -days 1 \
             -CA usercert.pem -CAkey userkey.pem -extfile csr.conf \
             -extensions v3_proxy -out proxycert.pem
```
Note that the backslash ('\') is a 'continuation character' and is utilized here to make this web page easier to read. When executing this command yourself, you can put all command line options on a single line.

Here's an explanation of the command line options:
- -req - the input file is a CSR rather than a certificate.
- -md5 - use MD5 for any message digests.
- -CAcreateserial - create the CA serial number file if it does not exist.
- -in proxy.csr - read in the CSR for the proxy certificate you generated earlier from the file proxy.csr.
- -days 1 - make the proxy certificate valid for 24 hours.
- -CA usercert.pem - use the client certificate usercert.pem to sign the CSR.
- -CAkey userkey.pem - use the private key named userkey.pem corresponding to the client certificate above to sign the CSR.
- -extfile csr.conf - read in certificate extensions from the file csr.conf.
- -extension v3_proxy - read in certificate extensions from the configuration section named v3_proxy.
- -out proxycert.pem - write out the proxy certificate to the file proxycert.pem.
The file that is generated (proxycert.pem in this case) is not actually a proxy certificate as defined in RFC 3820. It lacks both the proxy certificate key and the client certificate which was used to sign the proxy certificate. So to create a proxy certificate for use by most utilities (including Windows XP "Internet Options") you must combine the proxy certificate, proxy key, and user certificate into one big file. A command which accomplishes this is:
```
cat proxycert.pem proxykey.pem usercert.pem > x509up_u_USERNAME
```
where USERNAME is your username. The name for this final proxy certificate is taken from the filename generated by the CoGKit's grid-proxy-init command. However, you are free to name the resulting proxy certificate file anything you like.

Private Keys

Create A Private Key
Many OpenSSL commands require reading in a private key. While you can often create of a private key in the course of running the command, you may want to have a single key that you use for multiple commands. To create a private key, use the following openssl command:
```
> openssl genrsa -des3 -out key.pem 1024
Generating RSA private key, 1024 bit long modulus
......++++++
.................++++++
e is 65537 (0x10001)
Enter pass phrase for key.pem:
Verifying - Enter pass phrase for key.pem:
>
```
Here's an explanation of the command line options:
- -des3 - an optional parameter to encrypt the private key with a triple DES cipher. With this option, you are prompted for a password which must be at least 4 characters long. If you do not want to be private key to be encrypted, omit this command line option.
- -out key.pem - write out the private key to the file key.pem.
- 1024 - generate a private key of type RSA of length 1024 bits. The minimum value is 512. Many people like to use 2048 for a more secure key.
Encrypt A Private Key
If you have a private key that is not encrypted (for example, it was created with the "-nodes" command line option), you can encrypt the private key with a password. A typical openssl command and resulting interactive session is shown here:
```
> openssl rsa -des3 -in hostkeyNOPASSWORD.pem -out hostkeySECURE.pem
writing RSA key
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
>
```
Here's an explanation of the command line options:
- -des3 - encrypt the private key with the triple DES cipher before outputting it. The passphrase you enter must be at least four characters long.
- -in hostkeyNOPASSWORD.pem - read in the unencrypted private key from the file hostkeyNOPASSWORD.pem.
- -out hostkeySECURE.pem - write out the encrypted private key to the file hostkeySECURE.pem.
Decrypt A Private Key
If you have a private key which is encrypted (meaning that you must enter a pass phrase to use it), you can decrypt the private key for use without a password. A typical openssl command and resulting interactive session is shown here:
```
> openssl rsa -in hostkeySECURE.pem -out hostkeyNOPASSWORD.pem
Enter pass phrase for hostkeySECURE.pem:
writing RSA key
>
```
Here's an explanation of the command line options:
- -in hostkeySECURE.pem - read in the encrypted private key from the file hostkeySECURE.pem.
- -out hostkeyNOPASSWORD.pem - write out the unencrypted private key to the file hostkeyNOPASSWORD.pem.

PKCS12 / PEM Formats

Convert PEM Format Certificate To PKCS12 Format Certificate
Most browsers, including Internet Explorer, require that client certificates (which includes proxy certificates) be in the PKCS12 format rather than the X509 PEM format. Additionally, Java KeyStores require certificates to be in PKCS12 format. To convert a PEM formatted certificate to PKCS12 format, you need both the certificate and the private key for that certificate. Here's a typical openssl command and the resulting interactive session when converting PEM format to PKCS12 format:
```
> openssl pkcs12 -export -in cert.pem -inkey key.pem -out cred.p12
Enter Export Password:
Verifying - Enter Export Password:
>
```
First, an explanation of the command line options:
- -export - generate a PKCS12 formatted file.
- -in cert.pem - read in the X509 PEM formatted certificate from the file cert.pem.
- -inkey key.pem - read in the X509 PEM formatted key from the file key.pem.
- -out cred.p12 - write out the PKCS12 formatted 'credential' to the file cred.p12.
Next, some caveats of the interactive session:
- PEM formatted certificates are fairly flexible. For example, both the certificate and the private key for that certificate can be contained in a single file. This is often the case with proxy certificates, which contain the proxy certificate, the proxy private key, and the user certificate (which was used to sign the proxy certificate). If you have a single file containing both the certificate and the key, you can specify the same filename for both the -in and -inkey command line options. OpenSSL will use the first certificate and first private key it finds in the file.
- If the private key is encrypted, you will be prompted to enter the pass phrase for that key before entering the export password.
- The export password does not have to be the same as the password you used for the PEM formatted private key. Whatever password you choose, you will need to enter that new password when importing the new PKCS12 credential into Windows XP.

Convert PKCS12 Format Certificate To PEM Format Certificate

If you have a certificate which appears to be in binary format, then you probably have a PKCS12 formatted file. While the PKCS12 format is used by Java KeyStores and Windows XP "Internet Options", most OpenSSL commands work on PEM formatted certificates and private keys. Fortunately, it is relatively easy to convert one format to the other. Here's a typical openssl command and resulting interactive session when converting PKCS12 format to PEM format:

> openssl pkcs12 -in cred.p12 -out certkey.pem -nodes -clcerts
Enter Import Password:
MAC verified OK
>

First, an explanation of the command line options:

-in - read in the PKCS12 formatted credential from the file cred.p12.
-out - write out both the PEM formatted certificate and private key to the file certkey.pem.
-nodes - an optional parameter NOT to encrypt the private key. If you cannot guarantee secure access to your private key, omit this command line option.
-clcerts - output only client (user) certificates.

Next, some caveats of the interactive session:

You will notice that the command outputs both the certificate and private key to a single file. If you open the certkey.pem file with a text editor, you will see something like this:

While OpenSSL can handle both the certificate and the private key in a single file, it is often preferable to keep the two separate. There are two ways to make separate files for the certificate and the key.

Using the certkey.pem file you generated above, simply save everything between (and including) each of the -----BEGIN----- and -----END----- lines to separate files, named something like cert.pem and key.pem for example.

Alternatively, you can rerun the command twice using the -nokeys and -nocerts command line options as follows:

> openssl pkcs12 -in cred.p12 -out cert.pem -nodes -clcerts -nokeys
Enter Import Password:
MAC verified OK
> openssl pkcs12 -in cred.p12 -out key.pem -nodes -nocerts
Enter Import Password:
MAC verified OK
>

The "Import Password" is the password that was used to generate the PKCS12 file.
If you omit the -nodes command line option, you will also be prompted to "Enter PEM pass phrase". This is a (possibly different) password utilized to encrypt the PEM formatted private key.

View The Contents Of A PKCS12 Formatted File

Since the PKCS12 format is a binary format, it is difficult to see the contents of the file. You can output the PKCS12 in PEM format and see information about the file with the following openssl command:

> openssl pkcs12 -info -nodes -in cred.p12
Enter Import Password:
MAC Iteration 2048
MAC verified OK
PKCS7 Encrypted data: pbeWithSHA1And40BitRC2-CBC, Iteration 2048
Certificate bag
Bag Attributes
    localKeyID: 9B 8A 85 AF 89 9D EB B0 73 3A F8 F1 D3 F7 88 09 22 47 7C E3 
subject=/C=US/ST=Illinois/L=Urbana/O=NCSA/CN=Terry Fleury/emailAddress=tfleury@ncsa.uiuc.edu
issuer=/C=US/ST=Illinois/L=Urbana/O=NCSA/CN=Terry Fleury/emailAddress=tfleury@ncsa.uiuc.edu
-----BEGIN CERTIFICATE-----
MIID1zCCA0CgAwIBAgIJAPznkOa+zeeLMA0GCSqGSIb3DQEBBQUAMIGkMQswCQYD
VQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxDzANBgNVBAcTBlVyYmFuYTENMAsG
A1UEChMETkNTQTEjMCEGA1UECxMaU2VjdXJpdHkgUmVzZWFyY2ggRGl2aXNpb24x
GjAYBgNVBAMTEXd3dy5uY3NhLnVpdWMuZWR1MSEwHwYJKoZIhvcNAQkBFhJyb290
QG5jYXMudWl1Yy5lZHUwHhcNMDYwMzAxMTkzMDMxWhcNMDcwMzAxMTkzMDMxWjCB
pDELMAkGA1UEBhMCVVMxETAPBgNVBAgTCElsbGlub2lzMQ8wDQYDVQQHEwZVcmJh
bmExDTALBgNVBAoTBE5DU0ExIzAhBgNVBAsTGlNlY3VyaXR5IFJlc2VhcmNoIERp
dmlzaW9uMRowGAYDVQQDExF3d3cubmNzYS51aXVjLmVkdTEhMB8GCSqGSIb3DQEJ
ARYScm9vdEBuY2FzLnVpdWMuZWR1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
gQCy8/9Afil4C+wvFdm2p7w6sQsZolXJQ1J07VDySCoguXCi6sCR/AyJEr9E6jP3
50FsgFoMn4d0qhkBb6JwczJtJRPphZIvXTi0rrOzZpe0yTF17NWcc5XXn9M8MbR2
jS97pjJ2AyclvOgGN/nYIdEpBfGKJ0cLQr50rBEAu+GScQIDAQABo4IBDTCCAQkw
HQYDVR0OBBYEFA9U2p42HR64xIK3uK9TqsuBYkorMIHZBgNVHSMEgdEwgc6AFA9U
2p42HR64xIK3uK9TqsuBYkoroYGqpIGnMIGkMQswCQYDVQQGEwJVUzERMA8GA1UE
CBMISWxsaW5vaXMxDzANBgNVBAcTBlVyYmFuYTENMAsGA1UEChMETkNTQTEjMCEG
A1UECxMaU2VjdXJpdHkgUmVzZWFyY2ggRGl2aXNpb24xGjAYBgNVBAMTEXd3dy5u
Y3NhLnVpdWMuZWR1MSEwHwYJKoZIhvcNAQkBFhJyb290QG5jYXMudWl1Yy5lZHWC
CQD855Dmvs3nizAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAAfq52g4
oMVFtzp52pMZevxov9HyJNpuWHOP7y7WHmuYzigDy5vOqJgPki3w3hkdprIKKIb5
7UPwfEZxrW4WwklWllcYV2/00ytZ9tf5GreGhM+AGKOZzv+fDQBtzLr4T4TOjpQO
HtceiR1JeNNVHL+Y53cXbP6qKh0TYn8xVQH3
-----END CERTIFICATE-----
PKCS7 Data
Shrouded Keybag: pbeWithSHA1And3-KeyTripleDES-CBC, Iteration 2048
Bag Attributes
    localKeyID: 9B 8A 85 AF 89 9D EB B0 73 3A F8 F1 D3 F7 88 09 22 47 7C E3 
Key Attributes: <No Attributes>
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQCy8/9Afil4C+wvFdm2p7w6sQsZolXJQ1J07VDySCoguXCi6sCR
/AyJEr9E6jP350FsgFoMn4d0qhkBb6JwczJtJRPphZIvXTi0rrOzZpe0yTF17NWc
c5XXn9M8MbR2jS97pjJ2AyclvOgGN/nYIdEpBfGKJ0cLQr50rBEAu+GScQIDAQAB
AoGATW7y9i8hNobCLiWgTT8LXcIZ8X+i6zGsTlgZ/JxpTjuvl29I4GJV8kIgbWuC
DTUNxCtNy8SD0mF/7HUnrszJ9mKM52mrmKDLDNzvKY5J8Vl+u+7oNp7f8MViAIUK
DvmUEG2RsA7boELYza6jrHRwEgB2Sk03ArW4M5jrS+/xYKECQQDoCOg7u1HcIj0t
eugQmQABfR86N81dE48bILNQlhDjbHlyedmMOmDBMqFEE2ayfb3EtHUoaZ81YHcE
5aDDY8B1AkEAxW+Wy65LE2OnjIYjDSqHUrCpHxa6BrAS2OqYj0VSw1Fs5D4YHg/J
Ku41T5tOkeVsuwQcrGDhWR3+E4I2CTwKjQJARxjbl9nYxlvTZQkg7F0FLG+bTupk
SZ3Bnq1RZGLm/9hwCgyeBSKqHOiXk1VihVST/h7ROzXJ68AIF/8IWHZLNQJAfCns
PJWU81GlqhMlcf8/8TnWcg252cDbaX1Hijp/jQPlJjkCs80bpxr9fd3e8JPG6Gny
mlmm/oOFKMGnt/EBdQJBAJDVOMCPGolE06faCy6qpX6dYSVz1thc/Prvlss9CQAC
GjxDIISsFw71r2h7XdV70oFeJ/r3uhXxbHRim9tFqsI=
-----END RSA PRIVATE KEY-----

Here's an explanation of the command line options:

-info - view all information of the file, including file structure, algorithms used, and interation counts.
-nodes - do not prompt for an encryption password when outputting the private key.
-in cred.p12 - read in the PKCS12 formatted certificate from the file cred.p12.

Testing

Run A Test Server
OpenSSL has a command that implements a generic SSL/TLS server which listens for connections on a given port. This is useful if you have a client you want to test with SSL. To run the test server, you need a host certificate and corresponding private key. If you don't have these yet, there are instructions above for generating a self-signed certificate.
When you run the test server, you must specify a port to listen for connections. Make sure you have adequate permisisons for this port (e.g. open the firewall for the port). Here's a simple openssl command for starting a secure server:
```
> openssl s_server -accept 9000 -cert hostcert.pem -key hostkey.pem
Using default temp DH parameters
Using default temp ECDH parameters
ACCEPT
```
The server will run until it receives a disconnect signal, for example by typing <CTRL>-C. There are many other options for the test server, such as requiring client certificates, starting a basic web server, disabling certain SSL or TLS protocols, etc. For a full list of command line options, run man s_server.

Run A Test Client

If you have a server which accepts SSL connections and would like to verify that server, OpenSSL has a command that implements a generic SSL/TLS client which connects to a remote host. It is a useful diagnostic utility when you don't want to use a full-featured client to test the SSL connection.

When you run the client you will see the response from the server, typically the results of the SSL handshake. Here's a typical openssl command to start a test client and the resulting response from a test server:

> openssl s_client -connect localhost:9000 -CApath /etc/grid-security/certificates
CONNECTED(00000003)
depth=0 /C=US/ST=Illinois/L=Urbana/O=NCSA/CN=www.ncsa.uiuc.edu/emailAddress=webmaster@ncsa.uiuc.edu
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=US/ST=Illinois/L=Urbana/O=NCSA/CN=www.ncsa.uiuc.edu/emailAddress=webmaster@ncsa.uiuc.edu
verify return:1
---
Certificate chain
 0 s:/C=US/ST=Illinois/L=Urbana/O=NCSA/CN=www.ncsa.uiuc.edu/emailAddress=webmaster@ncsa.uiuc.edu
   i:/C=US/ST=Illinois/L=Urbana/O=NCSA/CN=www.ncsa.uiuc.edu/emailAddress=webmaster@ncsa.uiuc.edu
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIDdTCCAt6gAwIBAgIJAI+DwwKU64gxMA0GCSqGSIb3DQEBBQUAMIGEMQswCQYD
VQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxDzANBgNVBAcTBlVyYmFuYTENMAsG
A1UEChMETkNTQTEaMBgGA1UEAxMRd3d3Lm5jc2EudWl1Yy5lZHUxJjAkBgkqhkiG
9w0BCQEWF3dlYm1hc3RlckBuY3NhLnVpdWMuZWR1MB4XDTA2MDMwNzE5MTU0NloX
DTA3MDMwNzE5MTU0NlowgYQxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhJbGxpbm9p
czEPMA0GA1UEBxMGVXJiYW5hMQ0wCwYDVQQKEwROQ1NBMRowGAYDVQQDExF3d3cu
bmNzYS51aXVjLmVkdTEmMCQGCSqGSIb3DQEJARYXd2VibWFzdGVyQG5jc2EudWl1
Yy5lZHUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANXMAH439JNT5EMs6+Jg
c8wYNMjakffoRqIohYRb2jJpmaFtCBTskK/dzMcuAjc0/O74qcuSbeL1dJknNJQu
2KoK8teJC0/wnltrt6Wt3mi11Es3REnukn94YvMjPiTcLqyCdybJzIFQIwpUs+2c
pSCkHPrds+5XDtm6QSeb1qzjAgMBAAGjgewwgekwHQYDVR0OBBYEFJ0f4iq9saQ1
Br+bbfj/6mO1KGpHMIG5BgNVHSMEgbEwga6AFJ0f4iq9saQ1Br+bbfj/6mO1KGpH
oYGKpIGHMIGEMQswCQYDVQQGEwJVUzERMA8GA1UECBMISWxsaW5vaXMxDzANBgNV
BAcTBlVyYmFuYTENMAsGA1UEChMETkNTQTEaMBgGA1UEAxMRd3d3Lm5jc2EudWl1
Yy5lZHUxJjAkBgkqhkiG9w0BCQEWF3dlYm1hc3RlckBuY3NhLnVpdWMuZWR1ggkA
j4PDApTriDEwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCbdDKNLTJ4
bJvybjjAqdGzWvu7rX6RExZYm0RuJGK8XSb2CuNhaY/Y7Dp3k2Nb4P9spZlYP9qR
ZDmx2lUPhL5SEKLSbTk+Grsj4GdxknkT7+8c58mNHTCnxF3XLMk016hYRc+SFiK7
VaoZ9xdS3g7vKvRO9a+kWD3C3j+ceKaf+g==
-----END CERTIFICATE-----
subject=/C=US/ST=Illinois/L=Urbana/O=NCSA/CN=www.ncsa.uiuc.edu/emailAddress=webmaster@ncsa.uiuc.edu
issuer=/C=US/ST=Illinois/L=Urbana/O=NCSA/CN=www.ncsa.uiuc.edu/emailAddress=webmaster@ncsa.uiuc.edu
---
No client certificate CA names sent
---
SSL handshake has read 1325 bytes and written 276 bytes
---
New, TLSv1/SSLv3, Cipher is DHE-RSA-AES256-SHA
Server public key is 1024 bit
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1
    Cipher    : DHE-RSA-AES256-SHA
    Session-ID: 8B3CE529A77AE42B854B0A4A2083BF5E75DB0BE9B8E2847479441F4F70AEA8E6
    Session-ID-ctx: 
    Master-Key: BBEDB1ABC87B9E0B7D3576FFD8FC24E4E432E809D881189A7159EA5DA12211E9329C7B422078041F67D0847498AF27DB
    Key-Arg   : None
    Start Time: 1141759882
    Timeout   : 300 (sec)
    Verify return code: 18 (self signed certificate)
---

You can see here that the server is using a self-signed certificate. Upon successful connection, the SSL channel is typically left open. Anything you type at this point will be sent to the server. To quit the client, you can either type <CTRL>-C or the single character "Q". There are many other options for the test client, such as using a client certificate, disabling certain SSL or TLS protocols, etc. For a full list of command line options, run man s_client.

NCSA CyberSecurity

Projects and Software

Creating Certificates

Viewing Certificates

Proxy Certificates

Private Keys

PKCS12 / PEM Formats

Testing