← 返回命令列表

Linux command

openssl 命令

文本

复制后可按需替换文件名、目录或参数。

常用示例

Generate a private key

openssl genrsa -out [private.key] [2048]

Generate a certificate signing request

openssl req -new -key [private.key] -out [request.csr]

Generate a self-signed certificate

openssl req -x509 -newkey rsa:4096 -keyout [key.pem] -out [cert.pem] -days [365] -nodes

View certificate details

openssl x509 -in [certificate.crt] -text -noout

Check certificate expiration

openssl x509 -enddate -noout -in [certificate.crt]

Verify certificate chain

openssl verify -CAfile [ca.crt] [certificate.crt]

Test SSL connection

openssl s_client -connect [host:443]

Encrypt a file

openssl enc -aes-256-cbc -salt -in [plaintext.txt] -out [encrypted.enc]

Decrypt a file

openssl enc -aes-256-cbc -d -in [encrypted.enc] -out [decrypted.txt]

Generate random bytes

openssl rand -base64 [32]

说明

OpenSSL is a robust toolkit for cryptographic operations, SSL/TLS protocols, and certificate management. It provides commands for generating keys, creating certificates, encrypting data, testing connections, and performing various cryptographic functions. The toolkit supports numerous algorithms for encryption (AES, DES, ChaCha20), hashing (SHA, MD5), and public key cryptography (RSA, ECDSA, Ed25519). It can act as a client or server for testing SSL/TLS connections. OpenSSL is essential for system administrators managing certificates, developers implementing secure communications, and security professionals analyzing cryptographic configurations.

参数

-in _file_
Input file.
-out _file_
Output file.
-noout
No output (for viewing).
-text
Human-readable output.
-nodes
No DES encryption of private key.
-days _n_
Certificate validity period.
-subj _subject_
Certificate subject DN.

FAQ

What is the openssl command used for?

OpenSSL is a robust toolkit for cryptographic operations, SSL/TLS protocols, and certificate management. It provides commands for generating keys, creating certificates, encrypting data, testing connections, and performing various cryptographic functions. The toolkit supports numerous algorithms for encryption (AES, DES, ChaCha20), hashing (SHA, MD5), and public key cryptography (RSA, ECDSA, Ed25519). It can act as a client or server for testing SSL/TLS connections. OpenSSL is essential for system administrators managing certificates, developers implementing secure communications, and security professionals analyzing cryptographic configurations.

How do I run a basic openssl example?

Run `openssl genrsa -out [private.key] [2048]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.

What does -in _file_ do in openssl?

Input file.