-
-
Save ryanwinchester/e7044dbeca6864bc83e9747879af7333 to your computer and use it in GitHub Desktop.
OpenSSL Generate 4096-bit Certificate (Public/Private Key Encryption) with SHA256 Fingerprint
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Generate Private Key and Certificate using RSA 256 encryption (4096-bit key) | |
| openssl req -x509 -newkey rsa:4096 -keyout privatekey.pem -out certificate.pem -days 365 | |
| # Alternatively, setting the "-newkey" parameter to "rsa:2048" will generate a 2048-bit key. | |
| # Generate PKCS#12 (P12) file for cert; combines both key and certificate together | |
| openssl pkcs12 -export -inkey privatekey.pem -in certificate.pem -out cert.pfx | |
| # Generate SHA256 Fingerprint for Certificate and export to a file | |
| openssl x509 -noout -fingerprint -sha256 -inform pem -in certificate.pem >> fingerprint.txt | |
| # Generate SHA1 Fingerprint for Certificate and export to a file | |
| #openssl x509 -noout -fingerprint -sha1 -inform pem -in certificate.pem >> fingerprint.txt | |
| # FYI, it's best practice to use SHA256 instead of SHA1 for better security, but this shows how to do it if you REALLY need to. | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment