Outils pour utilisateurs

Outils du site


informatique:openssl

Ceci est une ancienne révision du document !


OpenSSL

Code Signing with OpenSSL

Vérification de certificat avec OpenSSL

 openssl s_client -connect isc.sans.org:443

on line tools:

Certificate Chaining

On this page you'll find how to create only one file which contains your certificate and others chain certificates (Concatenate them in one), like, I think, you could have only one configuration directive to use : the CertificateFile, and to not need the CertificateChainFile anymore :

http://help.globalscape.com/help/eft5/admin/certificate_chaining.htm

Key generation

http://www.fil.univ-lille1.fr/~wegrzyno/portail/PAC/Doc/TP5/tp-certif002.html

  # Génération des clés
  openssl genrsa -out maCle.pem 1024
  # Exportation de la partie publique
  openssl rsa -in maCle.pem -pubout -out maClePublique.pem

Decode

Afficher les données d'un CSR:

openssl req -in theCertificateSigningResquest.csr -noout -text

Afficher les données d'un certificat encodé PEM:

openssl x509 -in theCertificate.crt -noout -text

Heartbleed

CVE-2014-0160, CVE-2014-0160 on nist.gov

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug.

informatique/openssl.1397347549.txt.gz · Dernière modification : 13/04/2014 02:05 de cyrille

Sauf mention contraire, le contenu de ce wiki est placé sous les termes de la licence suivante : CC0 1.0 Universal
CC0 1.0 Universal Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki