openssl pkcs12 -export -out myCert.pfx -inkey myPrivateKey.key -in certificate.crt -certfile CACert.crt
openssl pkcs12 -in myCert.pfx -out myCert.pem -nodes
openssl x509 -inform der -in myCert.cer -out myCert.pem
openssl s_client -connect www.paypal.com:443
openssl req -text -noout -verify -in myCSR.csr
openssl rsa -in myPrivateKey.key -check
openssl x509 -in certificate.crt -text -noout
openssl pkcs12 -info -in keyStore.p12
openssl pkcs12 -in <container>.p12 -clcerts -passout pass:"" | openssl x509 -serial -noout
openssl pkcs12 -in <container>.p12 -clcerts -passout pass:"" | openssl x509 -fingerprint -noout
OpenSSL is a free and open-source cryptographic library that provides several command-line tools for handling digital certificates. A certificate authority (CA) is an entity that signs digital certificates. Many websites need to let their customers know that the connection is secure, so they pay an internationally trusted CA (eg, VeriSign, DigiCert) to sign a certificate for their domain
openssl genrsa -des3 -out myPrivateKey.key 2048
openssl req -x509 -sha256 -new -key myPrivateKey.key -out myCA.cer -days 730 -subj /CN=“My CA"
openssl req -new -out myCert.req -key myPrivateKey.key -subj /CN=*.mydomain.com
openssl x509 -req -sha256 -in myCert.req -out myCert.cer -CAkey myPrivateKey.key -CA myCA.cer -days 365 -CAcreateserial -CAserial serial
openssl pkcs12 -export -out myCert.pfx -inkey myPrivateKey.key -in myCert.cer
openssl req -out myCSR.csr -key myPrivateKey.key -new
openssl req -out myCSR.csr -new -newkey rsa:2048 -nodes -keyout myPrivateKey.key
openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout myPrivateKey.key -out myCert.crt
openssl x509 -x509toreq -in myCert.crt -out myCSR.csr -signkey myPrivateKey.key
openssl pkcs12 -in my.p12 -nocerts -out myPrivateKey.key
openssl pkcs12 -in my.p12 -clcerts -nokeys -out myCert.crt