@gmassawe
Last active March 18, 2026 00:44
OpenSSL Cheat Sheet

OpenSSL version note: Commands below target OpenSSL 3.x. Some flags differ in 1.x — noted inline where relevant.

Listing Available Ciphers

List all available ciphers with details:

openssl ciphers -v

List TLS 1.3 ciphersuites (these are separate from TLS 1.2 and below):

openssl ciphers -v 'TLSv1.3'

List unique cipher algorithms:

openssl list -cipher-algorithms

Key and Certificate Conversion Commands

Convert DER to PEM for a Private Key

openssl pkey -inform DER -outform PEM -in privatekey.der -out privatekey.pem

openssl pkey is preferred over openssl rsa in OpenSSL 3.x — it works for RSA, EC, and Ed25519 keys. The openssl rsa subcommand still works but is key-type specific.

Remove Passphrase from a Private Key

openssl pkey -in privatekey.pem -out privatekey_nopass.pem

Convert PEM to DER for a Private Key

openssl pkey -inform PEM -outform DER -in privatekey.pem -out privatekey.der

Convert DER to PEM for X.509 Certificate

openssl x509 -inform DER -outform PEM -in certificate.der -out certificate.pem

Convert PEM to DER for X.509 Certificate

openssl x509 -inform PEM -outform DER -in certificate.pem -out certificate.der

Convert PEM to CRT (rename format, no passphrase on certs)

openssl x509 -in certificate.pem -out certificate.crt

PKCS Conversions

Convert PEM to PKCS#7 (P7B) Format

openssl crl2pkcs7 -nocrl -certfile certificate.pem -out certificate.p7b

Convert PKCS#7 (P7B) to PEM Format

openssl pkcs7 -print_certs -in certificate.p7b -out certificate.pem

Convert PKCS#7 (P7B) to PKCS#12 (PFX) Format

  1. Extract the certificates:

    openssl pkcs7 -print_certs -in certificate.p7b -out certificate.pem
  2. Combine with the private key to create a PFX file:

    openssl pkcs12 -export -in certificate.pem -inkey privatekey.key \
      -out certificate.pfx -certfile CACert.pem

Convert PKCS#12 (PFX) to PEM Format

openssl pkcs12 -in certificate.pfx -out certificate.pem -noenc

Changed from -nodes — that flag was deprecated in OpenSSL 3.x. Use -noenc instead. Both do the same thing (output unencrypted private key) but -nodes will generate a deprecation warning in OpenSSL 3.x.

Legacy compatibility: If the PFX was created with an older tool (e.g., Windows, Java keystores pre-JDK 9) and you get a MAC or decryption error, add the -legacy flag:

openssl pkcs12 -in certificate.pfx -out certificate.pem -noenc -legacy

Convert PEM to PKCS#12 (PFX) Format

openssl pkcs12 -export -out certificate.pfx \
  -inkey privatekey.key \
  -in certificate.crt \
  -certfile CACert.crt

Generating Private Keys and CSRs

Generate an RSA Private Key (4096-bit recommended)

openssl genpkey -algorithm RSA -out privatekey.pem -pkeyopt rsa_keygen_bits:4096

Why 4096 instead of 2048? NIST SP 800-131A recommends 3072-bit RSA as the minimum for security past 2030. 4096-bit is the safe default for new long-lived keys. 2048-bit is still technically valid today but is approaching end-of-life guidance.

Generate an Elliptic Curve Private Key

P-384 (NIST curve, conservative choice):

openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-384 -out eckey.pem

P-256 (still secure, widely supported):

openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 -out eckey.pem

Generate an Ed25519 Key (modern, fast, strongly recommended)

openssl genpkey -algorithm Ed25519 -out ed25519key.pem

Ed25519 is a modern signature algorithm with strong security properties and no parameter choices to get wrong. Preferred over RSA and ECDSA for new systems where compatibility with very old clients isn't a concern.

Generate a CSR with SHA-256

Basic CSR:

openssl req -new -key privatekey.pem -out request.csr -sha256

CSR with Subject Alternative Names (recommended):

openssl req -new -key privatekey.pem -out request.csr -sha256 \
  -subj "/CN=example.com/O=Your Org/C=US" \
  -addext "subjectAltName=DNS:example.com,DNS:www.example.com"

Why SANs? All major browsers and RFC 2818 require Subject Alternative Names for hostname verification. A CSR with only a Common Name (CN) will result in certificates rejected by modern clients. Always include at least one DNS: SAN matching your hostname.

Note for Ed25519 CSRs: Drop -sha256 — Ed25519 uses its own digest internally and doesn't accept a separate hash flag:

openssl req -new -key ed25519key.pem -out request.csr \
  -subj "/CN=example.com" \
  -addext "subjectAltName=DNS:example.com"
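The CSR steps above, as an added example that is not part of the gist: a small set of POSIX sh functions that build a SAN CSR for one or more hostnames and then check it the way a CA would before issuing. Assumes OpenSSL 3.x on PATH; the key and CSR file names are placeholders chosen by the caller, and the function names are mine.

```shell
# Added example, not part of the gist: build a SAN CSR for one or more
# hostnames and check it before sending it to a CA. Assumes OpenSSL 3.x
# on PATH; key/CSR file names are placeholders chosen by the caller.

# make_csr KEY CSR HOST [HOST...]
# Generates a P-256 key in KEY if it does not exist yet, then writes a CSR
# to CSR whose CN is the first HOST and whose SAN lists every HOST given.
make_csr() {
  key=$1; csr=$2; shift 2
  [ -f "$key" ] || openssl genpkey -algorithm EC \
      -pkeyopt ec_paramgen_curve:P-256 -out "$key" 2>/dev/null || return 1
  sans=""
  for h in "$@"; do sans="${sans:+$sans,}DNS:$h"; done
  openssl req -new -key "$key" -out "$csr" -sha256 \
    -subj "/CN=$1" -addext "subjectAltName=$sans"
}

# csr_sans CSR: prints the DNS names from the CSR's requested SAN extension,
# one per line, so the request can be checked before it leaves your hands.
csr_sans() {
  openssl req -in "$1" -noout -text \
    | sed -n '/Subject Alternative Name/{n;p;}' \
    | tr ',' '\n' | sed 's/^[[:space:]]*DNS://'
}

# csr_has_san CSR HOST: succeeds only if HOST is listed exactly (no prefix
# or suffix matches) in the CSR's SAN.
csr_has_san() {
  csr_sans "$1" | grep -qx "$2"
}

# csr_signature_ok CSR: the CSR's self-signature proves the requester holds
# the private key; a CA rejects a request whose signature does not verify.
csr_signature_ok() {
  openssl req -in "$1" -noout -verify >/dev/null 2>&1
}
```

Run `make_csr server.key server.csr example.com www.example.com` and then `csr_sans server.csr` to see exactly which names the CA will be asked to certify.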

Viewing and Verifying Files

View Certificate Details

openssl x509 -in certificate.pem -text -noout

Check Certificate Expiry Dates

openssl x509 -in certificate.pem -noout -dates

Check a live server's certificate expiry directly:

openssl s_client -connect example.com:443 </dev/null 2>/dev/null \
  | openssl x509 -noout -dates

Verify a Private Key Matches a Certificate

openssl x509 -noout -modulus -in certificate.pem | openssl sha256
openssl rsa -noout -modulus -in privatekey.pem | openssl sha256

Changed from MD5 — the original used openssl md5 which is a broken hash algorithm. Both commands must produce the same SHA-256 hash for the key and certificate to match. Note that -modulus is an RSA-only option: openssl x509 and openssl rsa accept it, openssl pkey does not, so the private-key side has to use openssl rsa here.

For Ed25519/EC keys, check with the public key fingerprint instead:

openssl pkey -in privatekey.pem -pubout | openssl sha256
openssl x509 -in certificate.pem -pubkey -noout | openssl sha256
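The public-key comparison above, as an added example that is not part of the gist: a POSIX sh check that hashes the DER-encoded SubjectPublicKeyInfo from either a certificate or a private key, so it gives one answer for RSA, EC and Ed25519 alike and is not affected by PEM line wrapping. Assumes OpenSSL 3.x on PATH; file names are placeholders and the function names are mine.

```shell
# Added example, not part of the gist: decide whether a private key belongs
# to a certificate by comparing public keys. Works for RSA, EC and Ed25519
# (the -modulus comparison only exists for RSA). Assumes OpenSSL 3.x on PATH.

# spki_sha256 FILE: SHA-256 of the SubjectPublicKeyInfo in DER form.
# FILE may be a PEM certificate or a PEM private key; hashing the DER
# encoding makes the result independent of PEM formatting differences.
spki_sha256() {
  if grep -q 'BEGIN CERTIFICATE' "$1"; then
    openssl x509 -in "$1" -pubkey -noout
  else
    openssl pkey -in "$1" -pubout
  fi | openssl pkey -pubin -outform DER | openssl sha256 | awk '{print $NF}'
}

# key_matches_cert KEY CERT: exit 0 only if KEY's public half is the one in
# CERT; an unreadable file yields an empty hash and therefore a mismatch.
key_matches_cert() {
  k=$(spki_sha256 "$1")
  c=$(spki_sha256 "$2")
  [ -n "$k" ] && [ "$k" = "$c" ]
}
```

Usage: `key_matches_cert privatekey.pem certificate.pem && echo match`; a passphrase-protected key is prompted for by openssl pkey as usual.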

Verify a Certificate Chain

openssl verify -CAfile ca-bundle.pem certificate.pem

TLS Connection Testing

Test a Server's TLS Configuration

openssl s_client -connect example.com:443

Force TLS 1.3 Only

openssl s_client -connect example.com:443 -tls1_3

Force TLS 1.2 Only

openssl s_client -connect example.com:443 -tls1_2

Connections using TLS 1.0 or TLS 1.1 should be refused. Both protocols are deprecated by RFC 8996 (March 2021). If a server only accepts TLS 1.0/1.1, that's a finding.

Test with SNI (required for virtual hosting)

openssl s_client -connect example.com:443 -servername example.com

Check OCSP Stapling

openssl s_client -connect example.com:443 -status </dev/null 2>/dev/null \
  | grep -A 10 "OCSP response"

View the Full Certificate Chain a Server Presents

openssl s_client -connect example.com:443 -showcerts </dev/null 2>/dev/null \
  | sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' > chain.pem
openssl crl2pkcs7 -nocrl -certfile chain.pem | openssl pkcs7 -print_certs -noout

Piping the -showcerts output straight into openssl x509 decodes only the first certificate (the leaf). Saving every PEM block and printing them through pkcs7 -print_certs shows the subject and issuer of each certificate in the chain; add -text to pkcs7 for the full decode.
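The chain inspection above, as an added example that is not part of the gist: POSIX sh functions that split a saved s_client -showcerts capture into one file per certificate and report each one's subject, issuer and remaining lifetime, so an intermediate that is about to expire is not hidden behind a healthy leaf. Assumes OpenSSL 3.x and GNU date on PATH; the output directory is a placeholder and the function names are mine.

```shell
# Added example, not part of the gist: split openssl s_client -showcerts
# output into one file per certificate and report each one's subject,
# issuer and days left. Assumes OpenSSL 3.x and GNU date (date -d) on PATH.
# Input is read from stdin, so a saved capture works like a live connection.

# split_chain DIR < s_client_output: writes DIR/cert-1.pem, DIR/cert-2.pem,
# ... in the order the server sent them (the leaf is cert-1).
split_chain() {
  awk -v dir="$1" '
    /-----BEGIN CERTIFICATE-----/ { n++; out = dir "/cert-" n ".pem" }
    out { print > out }
    /-----END CERTIFICATE-----/   { close(out); out = "" }'
}

# days_left CERT: whole days until notAfter (0 on the last day, negative
# once expired). The notAfter string comes from openssl x509 -enddate.
days_left() {
  end=$(openssl x509 -in "$1" -noout -enddate | cut -d= -f2-)
  echo $(( ( $(date -u -d "$end" +%s) - $(date -u +%s) ) / 86400 ))
}

# chain_report DIR < s_client_output: one summary line per certificate.
chain_report() {
  split_chain "$1"
  for c in "$1"/cert-*.pem; do
    [ -e "$c" ] || continue
    printf '%s | %s | %s | %s days\n' "$(basename "$c")" \
      "$(openssl x509 -in "$c" -noout -subject)" \
      "$(openssl x509 -in "$c" -noout -issuer)" "$(days_left "$c")"
  done
}
```

Usage: `openssl s_client -connect example.com:443 -showcerts </dev/null 2>/dev/null | chain_report ./chain`.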