Easiest way to test keys?
Sorry for a newbie question, but I have been unable to find an answer for this. I (think that I) have created the certs and keys necessary for SSL connections between a client and the servers of a MySQL database. But I can't bring down those servers except to make the change. Is there a way I can tell if the keys and all the PEMs I'd made are correctly generated and copied to the right machines via some other utility? I was hoping to do something like a telnet -ssl-key=blah to-server blah... So I could test the keys and stuff via telnet or something easy. Does openssl have a test for that? I can't install apache. Thanks, Tim... - Timothy John Little 39-12 211th Street, Apt 2 Bayside, NY 11361 Cell(347) 804-3410 e-mailmailto:t...@clawhaven.com t...@clawhaven.com Home (718) 631-2774 Website http://www.clawhaven.com http://www.clawhaven.com http://www.linkedin.com/in/mysqlpro LinkedIn Profile
Re: Easiest way to test keys?
your certificate is signed you simply need to verify the signature with the verify command. openssl verify -CAfile yourca.cert your.cert if you have a deeper certification path you must contatenate all the certs in path into a .lst file which contains the PEM certificates one after other. I hope to be helpfull and clear with my english. Greetings 2009/12/26 Timothy Little t...@clawhaven.com Sorry for a newbie question, but I have been unable to find an answer for this. I (think that I) have created the certs and keys necessary for SSL connections between a client and the servers of a MySQL database. But I can't bring down those servers except to make the change. Is there a way I can tell if the keys and all the PEMs I'd made are correctly generated and copied to the right machines via some other utility? I was hoping to do something like a telnet -ssl-key=blah to-server blah... So I could test the keys and stuff via telnet or something easy. Does openssl have a test for that? I can't install apache. Thanks, Tim... * - * *Timothy John Little *39-12 211th Street, Apt 2 Bayside, NY 11361 *Cell**(347) 804-3410* *e-mail* t...@clawhaven.com *Home* *(718) 631-2774* *Website *http://www.clawhaven.com LinkedIn Profile http://www.linkedin.com/in/mysqlpro -- Hay que darle un sentido a la vida por el hecho mismo de que la vida carece de sentido.
(newbie) private key vs. keystore confusion
Hello, I'm confused somewhat about the workings of OpenSSL, in particular the following command: openssl pkcs12 -export -inkey servicekey.pem -in servicecert.pem -out service.p12 -name myservicekey -passin pass:sspass -passout pass:skpass Question: Does the above command create a private key named service.p12 or a keystore named service.p12 that has a private key within it? I'm not sure what service.p12 is -- is it a keystore or a private key? If it is a keystore containing a private key, just to confirm, there is no real way with OpenSSL to create a private key without its enclosing keystore, correct? I.e., it is usual and normal for OpenSSL to create its private keys within keystores. But if it is just a private key, does OpenSSL provide the ability to create a keystore that can be used to house this private key? (What would the command be for that)? Thanks, Glen
How can I decrypt a DES-EDE3-CBC file?
Hi, what's the openssl command to decrypt a DES-EDE3-CBC file? thanks! Chris -- View this message in context: http://old.nabble.com/How-can-I-decrypt-a-DES-EDE3-CBC-file--tp26908094p26908094.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Could you please help me about the basics of how to set and run open-ssl on my server
Hi Open-SSL Users, Could you please help me about the basics of how to set and run open-ssl on my server. Thanks
(newbie) private key vs. keystore confusion
Hello, I'm confused somewhat about the workings of OpenSSL, in particular the following command: openssl pkcs12 -export -inkey servicekey.pem -in servicecert.pem -out service.p12 -name myservicekey -passin pass:sspass -passout pass:skpass Question: Does the above command create a private key named service.p12 or a keystore named service.p12 that has a private key within it? I'm not sure what service.p12 is -- is it a keystore or a private key? If it is a keystore containing a private key, just to confirm, there is no real way with OpenSSL to create a private key without its enclosing keystore, correct? I.e., it is usual and normal for OpenSSL to create its private keys within keystores. But if it is just a private key, does OpenSSL provide the ability to create a keystore that can be used to house this private key? (What would the command be for that)? Thanks, Glen