# generate param key
openssl dsaparam -out dsaparam.pem 2048
# generate private key
openssl gendsa -out privatekey.pem dsaparam.pem
# generate certificat
openssl req -new -x509 -key privatekey.pem -out cert.pem -days 365
# convert to der (crt) format
openssl x509 -outform der -in cert.pem -out cert.crt
Monday, October 24, 2011
Wednesday, October 12, 2011
Sign file and Verify signature with openssl 1.0.0e
Input : pkcs12 file (server.p12) that contains certificate and privatekey
1) Export the certificate
openssl pkcs12 -in server.p12 -out mycert.pem
2) Extract privatekey
openssl pkcs12 -in server.p12 -nocerts -out privatekey.pem
3) Export public key
openssl x509 -inform pem -in publiccert.pem -pubkey -noout > publickey.pem
4) Sign file
openssl dgst -sha1 -sign privatekey.pem -out CA.pl.sha1 CA.pl
5) Verify signature
openssl dgst -sha1 -verify publickey.pem -signature CA.pl.sha1 CA.pl
1) Export the certificate
openssl pkcs12 -in server.p12 -out mycert.pem
2) Extract privatekey
openssl pkcs12 -in server.p12 -nocerts -out privatekey.pem
3) Export public key
openssl x509 -inform pem -in publiccert.pem -pubkey -noout > publickey.pem
4) Sign file
openssl dgst -sha1 -sign privatekey.pem -out CA.pl.sha1 CA.pl
5) Verify signature
openssl dgst -sha1 -verify publickey.pem -signature CA.pl.sha1 CA.pl
Subscribe to:
Posts (Atom)