How to easily check whether the certificate has expired or not.
My bash command
You can use, all dates (creating and expiring):
openssl x509 -enddate -noout -in /etc/pki/tls/certs/localhost.crt
In this article you’ll find how to generate CSR (Certificate Signing Request) using OpenSSL from the Linux command line, without being prompted for values which go in the certificate’s subject field.
In the first example, i’ll show how to create both CSR and the new private key in one command.
And in the second example, you’ll find how to generate CSR from the existing key (if you already have the private key and want to keep it).
Both examples show how to create CSR using OpenSSL non-interactively (without being prompted for subject), so you can use them in any shell scripts. (more…)
OpenSSL is the de-facto tool for SSL on linux and other server systems. It providers both the library for creating SSL sockets, and a set of powerful tools for administrating an SSL enabled website. Following are a few common tasks you might need to perform with OpenSSL.
Obtaining a signed SSL certificate envolves a number of buisness verification procedures and a sumbition of what is called a CSR (“Certificate signing request”). To generate the CSR, execute the following command.
openssl req -new -newkey rsa:1024 -nodes -keyout key.pem -out req.pem