fachinformatiker-wiki

it's easy when it's here

User Tools

Site Tools

Trace:
linux:verschluesselung:openssl

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
linux:verschluesselung:openssl [2025/03/19 17:13] – [Zertifikate konvertieren] gsyslinux:verschluesselung:openssl [2025/05/06 11:48] (current) gsys
Line 1: Line 1:
 ====== OpenSSL ====== ====== OpenSSL ======
 +
 ===== Nützliche Befehle ===== ===== Nützliche Befehle =====
 <code> <code>
Line 71: Line 72:
  
 ===== Zertifikate konvertieren ===== ===== Zertifikate konvertieren =====
 +
 +==== Reihenfolge einer Chain ====
 +Optimal:
 +<code>
 +-----BEGIN CERTIFICATE-----
 +[Server Certificate]
 +-----END CERTIFICATE-----
 +-----BEGIN CERTIFICATE-----
 +[Intermediate certificate L1]
 +-----END CERTIFICATE-----
 +-----BEGIN CERTIFICATE-----
 +[Intermediate certificate L2]
 +-----END CERTIFICATE-----
 +</code>
 +Unnötig da Root in Browser/OS Cert store bereits enthalten:
 +<code>
 +-----BEGIN CERTIFICATE-----
 +[Server Certificate]
 +-----END CERTIFICATE-----
 +-----BEGIN CERTIFICATE-----
 +[Intermediate certificate L1]
 +-----END CERTIFICATE-----
 +-----BEGIN CERTIFICATE-----
 +[Intermediate certificate L2]
 +-----END CERTIFICATE-----
 +-----BEGIN CERTIFICATE-----
 +[Root Certificate]
 +-----END CERTIFICATE-----
 +</code>
 +https://success.qualys.com/support/s/article/000005824 \\
 +https://success.qualys.com/support/s/article/000003197
 +
 +==== Befehle ====
 +
 ''P12 == PFX'' \\ ''P12 == PFX'' \\
 +
 FIXME PEM vs CRT FIXME PEM vs CRT
 <code> <code>
Line 84: Line 120:
 openssl x509 -inform der -in certificate.cer -out certificate.pem                  #der in pem openssl x509 -inform der -in certificate.cer -out certificate.pem                  #der in pem
 openssl pkcs7 -inform der -in cacert.p7b -out cacert.pem                           #p7p in pem openssl pkcs7 -inform der -in cacert.p7b -out cacert.pem                           #p7p in pem
 +</code>
 +
 +Permissions
 +<code>
 +chmod 700 private                                                                  #private key folder
 +chmod 600 private.key                                                              #private key
 +chmod 755 certs                                                                    #public certs folder
 +chmod 644 cert.pem                                                                 #public key file
 </code> </code>
  
linux/verschluesselung/openssl.1742400796.txt.gz · Last modified: 2025/03/19 17:13 by gsys