Skip to content

Instantly share code, notes, and snippets.

@hbakhtiyor
Last active May 9, 2019 18:53
Show Gist options
  • Save hbakhtiyor/001eeca72446eba49840 to your computer and use it in GitHub Desktop.
Save hbakhtiyor/001eeca72446eba49840 to your computer and use it in GitHub Desktop.
Send secure email messages/files using SSL public certificate without PGP keys
# https://www.madboa.com/geek/openssl - Some usefull openssl cooks.
# If you couldn't find somebody's PGP key, you can still send secure
# email using their SSL public certificate
# Fetching public certificate from example.com server and grabing the key from stream.
openssl s_client -connect example.com:443 | sed -ne \
'/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > publickey.pem
# Encrypting a file/message using retrieved public certificate.
# You can choose another encryption algorithms, rather than `des3`.
# If a file is a binary file, you must put `-binary` option.
openssl smime -encrypt [-binary] [-des3] -in secret.xxx \
-from foo@bar.com -to mail@example.com \
-subject "Top secret message/file" \
-out secret.enc.txt publickey.pem
# Decrypting the encrypted file/message using private key (placed to example.com server).
# The `-binary` & `-des3` options are optional.
openssl smime -decrypt [-binary] [-des3] -in secret.enc.txt \
-out secret.xxx -inkey privatekey.pem
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment