45 expert Openssl answers researched from official documentation. Every answer cites authoritative sources you can verify.
Use the command: openssl genrsa -out server.key 2048. This generates a 2048-bit RSA private key and saves it to server.key. The default key size is 2048 bits, and values less than 512 are not allowed. For the modern recommended approach, use: openssl genpkey -algorithm RSA -out server.key -pkeyopt rsa_keygen_bits:2048. The genpkey command is the unified interface for key generation that supersedes older algorithm-specific commands like genrsa.
Use the command: openssl ecparam -genkey -name prime256v1 -out ec_private.key. The prime256v1 (also called P-256 or secp256r1) is the most common curve for web servers. Other curves: P-384 (secp384r1), P-521 (secp521r1). Modern approach: openssl genpkey -algorithm EC -out ec_private.key -pkeyopt ec_paramgen_curve:P-256 -pkeyopt ec_param_enc:named_curve. EC keys are smaller and faster than RSA at equivalent security levels.
Use the command: openssl rsa -in encrypted.key -out decrypted.key. You will be prompted for the current passphrase. The output file will not be encrypted. For EC keys: openssl ec -in encrypted.key -out decrypted.key. This is useful when you need to use the key with servers that cannot prompt for passphrases on startup.
For RSA keys: openssl rsa -in private.key -pubout -out public.key. The -pubout flag extracts and outputs the public key. For EC keys: openssl ec -in private.key -pubout -out public.key. For any key type with genpkey: openssl pkey -in private.key -pubout -out public.key. The output is in PEM format with BEGIN PUBLIC KEY header.
The -nodes option means 'no DES' encryption, not 'nodes'. When used, the private key will not be encrypted with a passphrase. Without -nodes, OpenSSL will prompt for a passphrase and encrypt the private key using DES or another cipher. Use -nodes when you need an unencrypted private key for automated server use (no manual passphrase entry on restart). In OpenSSL 3.0, -nodes was deprecated in favor of -noenc.
genrsa is the legacy command specifically for RSA key generation: openssl genrsa -out key.pem 2048. genpkey is the modern unified command supporting multiple algorithms (RSA, EC, ED25519, X25519, DSA): openssl genpkey -algorithm RSA -out key.pem -pkeyopt rsa_keygen_bits:2048. OpenSSL recommends genpkey because it provides a unified interface and supports additional algorithm options and ENGINE-provided algorithms. Both produce compatible keys.
Use the command: openssl rsa -in unencrypted.key -aes256 -out encrypted.key. You will be prompted for a passphrase. The -aes256 specifies AES-256 encryption. Other ciphers available: -aes128, -aes192, -des3. To encrypt during key generation: openssl genrsa -aes256 -out server.key 2048. The encrypted key will have a header like: -----BEGIN ENCRYPTED PRIVATE KEY----- or -----BEGIN RSA PRIVATE KEY----- with Proc-Type and DEK-Info headers.
Use the command: openssl pkcs12 -export -out certificate.pfx -inkey server.key -in server.crt. You will be prompted for an export password to protect the PFX file. To include intermediate certificates add: -certfile intermediate.crt. PKCS#12/PFX is a binary format that stores the certificate chain and private key in a single encrypted file, commonly used on Windows. For OpenSSL 3.0+ compatibility: openssl pkcs12 -export -out certificate.pfx -inkey server.key -in server.crt -legacy.
Use simple concatenation: cat server.key server.crt > combined.pem. The PEM format allows multiple items (keys, certificates) in one file, separated by their BEGIN/END markers. The private key should come first, followed by the certificate. This combined PEM file can be used directly with many servers. Alternatively, create a PKCS#12 file: openssl pkcs12 -export -out combined.pfx -inkey server.key -in server.crt, then convert to PEM if needed.
PEM (Privacy Enhanced Mail) is a Base64-encoded ASCII format with header/footer lines like -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----. It is the most common format and can contain multiple certificates/keys in one file. DER (Distinguished Encoding Rules) is binary format, more compact but not human-readable. DER files typically have .der or .cer extensions. PEM files have .pem, .crt, .cer, or .key extensions. To identify format: if the file starts with -----BEGIN, it is PEM; if it is binary, it is DER.
To extract everything to PEM: openssl pkcs12 -in certificate.pfx -out all.pem -nodes. To extract only the private key: openssl pkcs12 -in certificate.pfx -out key.pem -nodes -nocerts. To extract only certificates (no key): openssl pkcs12 -in certificate.pfx -out certs.pem -nokeys. To view contents without extracting: openssl pkcs12 -info -in certificate.pfx -nodes. The -nodes flag outputs unencrypted key (use -noenc in OpenSSL 3.0+).
Use the command: openssl x509 -outform der -in certificate.pem -out certificate.der. The -outform der specifies DER output format. The -in specifies the input PEM file. The -out specifies the output DER file. For private keys, use: openssl rsa -inform pem -in key.pem -outform der -out key.der. DER format is commonly used with Java platforms.
Use the command: openssl x509 -inform der -in certificate.der -out certificate.pem. The -inform der specifies that the input is in DER format. The -in specifies the input DER file. The -out specifies the output PEM file. For explicit format specification: openssl x509 -in certificate.der -inform DER -out certificate.pem -outform PEM.
Use openssl dgst with -sign: openssl dgst -sha256 -sign private.key -out signature.bin data.txt. This creates a binary signature file. To verify: openssl dgst -sha256 -verify public.key -signature signature.bin data.txt. For base64-encoded signature, pipe through base64: openssl dgst -sha256 -sign private.key data.txt | base64 > signature.b64. The signature algorithm combines the hash (-sha256) with the key type (RSA, EC).
Use the command: openssl rand -hex 32 (for hex output) or openssl rand -base64 32 (for base64 output). The number specifies bytes before encoding. Raw bytes: openssl rand 32 (may contain unprintable characters). The -hex flag produces 2 hex characters per byte (32 bytes = 64 hex chars). The -base64 flag produces base64-encoded output. To save to file: openssl rand -hex 32 -out random.txt. OpenSSL uses a cryptographically secure PRNG with 256-bit security.
Use the command: openssl dgst -sha256 file.txt. Output format: SHA256(file.txt)= abc123... For hex output explicitly: openssl dgst -sha256 -hex file.txt. For binary output: openssl dgst -sha256 -binary file.txt. Alternative syntax: openssl sha256 file.txt. Available algorithms include md5, sha1, sha224, sha256, sha384, sha512. To list all: openssl dgst -list. Note: SHA-256 is the default since OpenSSL 1.1.0; previously MD5 was default.
Use the command: openssl enc -aes-256-cbc -salt -pbkdf2 -in plaintext.txt -out encrypted.enc. You will be prompted for a password. The -salt adds random data for security. The -pbkdf2 uses modern key derivation (recommended). For base64-encoded output add -a: openssl enc -aes-256-cbc -salt -pbkdf2 -a -in plaintext.txt -out encrypted.txt. To specify password on command line: -pass pass:mypassword (less secure).
Use the command: openssl enc -d -aes-256-cbc -pbkdf2 -in encrypted.enc -out decrypted.txt. The -d flag specifies decryption. You will be prompted for the password. If the file was base64-encoded, add -a: openssl enc -d -aes-256-cbc -pbkdf2 -a -in encrypted.txt -out decrypted.txt. The encryption parameters (cipher, pbkdf2, etc.) must match those used during encryption.
Use the command: openssl x509 -in certificate.crt -noout -dates. This outputs: notBefore=Jan 21 12:00:00 2026 GMT and notAfter=Jan 21 12:00:00 2027 GMT. The notBefore is the start date and notAfter is the expiration date. To check expiration date only: openssl x509 -in cert.crt -noout -enddate. For more detailed output: openssl x509 -in cert.crt -noout -startdate -enddate.
Use the command: openssl x509 -in certificate.crt -text -noout. This prints full certificate details including: version, serial number, signature algorithm, issuer, validity period (notBefore/notAfter), subject, public key info, X509v3 extensions, and signature. The -text flag prints the certificate in human-readable text form. The -noout flag prevents output of the base64-encoded certificate at the end.
Use the command: openssl x509 -in certificate.crt -noout -issuer. Output format: issuer=C = US, O = Let's Encrypt, CN = R3. The issuer is the entity that signed the certificate. For self-signed certificates, the issuer equals the subject. To see both issuer and subject: openssl x509 -in certificate.crt -noout -issuer -subject.
Use the command: openssl x509 -sha256 -in certificate.crt -noout -fingerprint. This outputs the fingerprint in format: SHA256 Fingerprint=B9:76:75:E4:9A:53:... The -noout flag prevents output of the encoded certificate. The -fingerprint flag outputs the fingerprint. The -sha256 specifies SHA-256 algorithm. To remove colons and convert to lowercase: openssl x509 -sha256 -in cert.crt -noout -fingerprint | sed 's/://g' | tr '[:upper:]' '[:lower:]'.
Use the command: openssl x509 -in certificate.crt -noout -subject. This outputs the certificate subject in format like: subject=C = US, O = DevOps Team, CN = dev-internal.company.local. The -noout flag prevents output of the encoded certificate. The -subject flag outputs only the subject field. You can combine with other options: openssl x509 -in cert.crt -noout -subject -issuer -dates to see subject, issuer, and validity dates together.
Use the -starttls flag: openssl s_client -connect mail.example.com:587 -starttls smtp. This sends the protocol-specific command to upgrade to TLS. Supported protocols: smtp, pop3, imap, ftp, xmpp, xmpp-server, irc, postgres, mysql, lmtp, nntp, sieve, ldap. Example for IMAP: openssl s_client -connect mail.example.com:143 -starttls imap. STARTTLS upgrades an unencrypted connection to encrypted on the same port.
Use the command: echo | openssl s_client -connect hostname:443 2>/dev/null | openssl x509 -noout -dates. This connects to the server, retrieves the certificate, and displays notBefore and notAfter dates. The echo | provides empty input to close the connection. The 2>/dev/null suppresses connection messages. For more details add -subject -issuer: echo | openssl s_client -connect hostname:443 2>/dev/null | openssl x509 -noout -subject -issuer -dates.
Use version flags with s_client: openssl s_client -connect hostname:443 -tls1_2 (for TLS 1.2) or openssl s_client -connect hostname:443 -tls1_3 (for TLS 1.3). Other flags: -tls1_1, -tls1, -ssl3 (deprecated). To disable a version: -no_tls1_2, -no_tls1_3, etc. This tests if the server supports specific TLS versions. TLS 1.2 and 1.3 are currently recommended; older versions have known vulnerabilities.
Use the command: openssl s_client -connect hostname:443. This opens an SSL connection and displays the certificate chain, server certificate in PEM format, TLS version, cipher used, and session details. For SNI support: openssl s_client -connect hostname:443 -servername hostname. To show full certificate chain: openssl s_client -connect hostname:443 -showcerts. After connection, you can type HTTP commands directly.
Use the command: openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout server.key -out server.crt. This creates both a private key and self-signed certificate in one command. The -x509 flag creates a self-signed certificate instead of a CSR. The -nodes flag means 'no DES' encryption on the private key. The -days 365 specifies validity period. You will be prompted for subject information (Country, State, Organization, Common Name, etc.).
Use the command: openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt. The -req flag indicates input is a CSR. The -days 365 sets validity period. The -signkey specifies the private key for signing. The -out specifies the output certificate file. This creates a self-signed certificate from an existing CSR and private key.
Use the -subj option with the format: -subj "/C=US/ST=State/L=City/O=Organization/OU=Unit/CN=common.name". For example: openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout server.key -out server.crt -subj "/C=US/O=DevOps Team/CN=dev-internal.company.local". The fields are: C=Country (2-letter code), ST=State/Province (full name), L=Locality/City, O=Organization, OU=Organizational Unit, CN=Common Name (typically FQDN for server certs).
Specify key size with -newkey: openssl req -x509 -nodes -days 365 -newkey rsa:4096 -keyout server.key -out server.crt. This creates a 4096-bit RSA key and self-signed certificate. Common sizes: 2048 (minimum recommended), 3072, 4096. For existing key: openssl req -x509 -nodes -days 365 -key existing.key -out server.crt. Larger keys provide more security but slower handshakes. 2048-bit is currently considered secure.
Use ssl.SSLContext with load_cert_chain: context = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH); context.load_cert_chain(certfile='server.crt', keyfile='server.key'). For server verification: context = ssl.create_default_context(); context.load_verify_locations(cafile='ca.crt'). The ssl module uses OpenSSL underneath. For self-signed certs, you may need context.check_hostname = False and context.verify_mode = ssl.CERT_NONE (not recommended for production).
Use x509.load_pem_x509_certificate: from cryptography import x509; with open('cert.crt', 'rb') as f: cert = x509.load_pem_x509_certificate(f.read()). Access fields: cert.subject, cert.issuer, cert.not_valid_before, cert.not_valid_after, cert.serial_number. For DER format: x509.load_der_x509_certificate(data). To get fingerprint: cert.fingerprint(hashes.SHA256()). The cryptography library provides a Pythonic interface to X.509 certificates.
Use X509Store and X509StoreContext: from OpenSSL import crypto; store = crypto.X509Store(); store.add_cert(ca_cert); store_ctx = crypto.X509StoreContext(store, cert); store_ctx.verify_certificate(). If verification fails, X509StoreContextError is raised. To load certificates: crypto.load_certificate(crypto.FILETYPE_PEM, pem_data). For chain validation, add intermediate certs to the store or use the chain parameter in X509StoreContext.
Use the command: openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr. This generates both a new private key and CSR. The -new flag generates a new CSR. The -newkey rsa:2048 creates a new 2048-bit RSA key. The -nodes flag prevents key encryption. You will be prompted for subject fields. For non-interactive: openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr -subj "/C=US/O=MyOrg/CN=example.com".
Use the command: openssl req -text -in server.csr -noout -verify. The -text flag prints the CSR in human-readable form. The -noout flag omits the encoded output. The -verify flag checks the signature to ensure the CSR has not been modified. This displays the subject, public key info, and signature algorithm. To view just the subject: openssl req -in server.csr -noout -subject.
Use the command: openssl verify -CAfile ca-cert.crt server.crt. This verifies the server certificate against the CA certificate. For intermediate certificates: openssl verify -CAfile root.pem -untrusted intermediate.pem server.pem. The -untrusted flag specifies intermediate certificates. To see the chain: openssl verify -show_chain -CAfile chain.pem server.pem. For self-signed certificates: openssl verify -CAfile selfsigned.crt selfsigned.crt.
Compare the modulus (for RSA) or public key of both. For RSA: openssl rsa -in private.key -modulus -noout | openssl md5 and openssl x509 -in certificate.crt -modulus -noout | openssl md5. If the MD5 hashes match, the key matches the certificate. For EC: compare openssl ec -in private.key -pubout and the public key in the certificate. You can also use: openssl x509 -in cert.crt -pubkey -noout and compare with the extracted public key from the private key.
Use -addext with subjectAltName: openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout server.key -out server.crt -subj "/CN=example.com" -addext "subjectAltName=DNS:example.com,DNS:www.example.com,DNS:api.example.com". For IP addresses: -addext "subjectAltName=DNS:example.com,IP:192.168.1.1". Modern browsers require SAN; CN alone is deprecated. All domain names should be in SAN, including the primary domain.
In OpenSSL 1.1.1+, use the -addext option: openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout server.key -out server.crt -subj "/CN=example.com" -addext "subjectAltName = DNS:example.com,DNS:www.example.com,IP:192.168.1.1". For DNS names use DNS: prefix, for IP addresses use IP: prefix. Multiple SANs are comma-separated. SAN is now required by browsers; using only CN is deprecated and will cause certificate validation errors.
Use the command: chmod 600 server.key. This sets the file permissions so only the owner can read and write the file (no access for group or others). Permission 600 means read+write for owner, no permissions for group or others. This is a security requirement because private keys must not be accessible by other users. For SSH/TLS keys, improper permissions (like 644 or 777) will cause applications to refuse to use the key with errors like 'WARNING: UNPROTECTED PRIVATE KEY FILE!'.
For RSA keys: openssl rsa -in private.key -text -noout. This shows key size, modulus, publicExponent, privateExponent, primes, exponents, and coefficient. For EC keys: openssl ec -in ec_private.key -text -noout. For any key type: openssl pkey -in private.key -text -noout. The -text flag outputs human-readable details. The -noout flag prevents output of the encoded key.
Use the command: openssl version. For detailed information including build date, compiler, and directories: openssl version -a. To see just the installation directory: openssl version -d. Note: unlike typical CLI tools, OpenSSL uses 'version' as a subcommand, not --version or -v flags. The -a output shows version, build date, platform, compiler options, OPENSSLDIR (where config and certs are stored), and ENGINESDIR.