OpenSSL Cheatsheet
OpenSSL Command Line Utility
The OpenSSL command-line tool is a powerful utility for working with SSL/TLS certificates, keys, and various cryptographic operations. This cheatsheet covers essential commands for generating random data and RSA private keys, crucial for secure application development and system administration.
Generate Random Strings
Generating secure random strings is fundamental for creating passwords, session tokens, and cryptographic nonces. OpenSSL provides straightforward methods to produce random bytes and output them in common formats like hexadecimal and Base64.
Generates a random string of bytes and outputs in hexadecimal format:
openssl rand -hex 16
Generates a random string of bytes and outputs in base64 format:
openssl rand -base64 24
Generate RSA Private Keys
RSA private keys are essential for asymmetric encryption and digital signatures. OpenSSL allows for the generation of RSA keys with specified bit lengths and their subsequent management, including conversion to different formats and encryption for secure storage.
Generate a new RSA private key of 2048 bits, convert RSA private key to PKCS8 format, encrypt using DES3 algorithm and store private key in PEM format:
openssl genrsa 2048 | openssl pkcs8 -topk8 -v2 des3 -inform PEM -out my_rsa_key.p8
Create a public key from the private key:
openssl rsa -in my_rsa_key.p8 -pubout -out my_rsa_key.pub