# OpenSSL Cheat Sheet

## Basics

General commands to analyze a certificate.

Test a TLS connection

```bash
openssl s_client -connect example.net:443
```

Get the certificate from a web endpoint

```bash
openssl s_client -showcerts -connect example.net:443 </dev/null
```

Check whether the private key of a certificate, key and CSR match

```bash
openssl rsa -noout -modulus -in example.key | openssl sha256
openssl x509 -noout -modulus -in example.crt | openssl sha256
openssl req -noout -modulus -in example.csr | openssl sha256
```

## Handling keys

Decrypt a RSA private key

```bash
openssl rsa -in <encrypted_private.key>  -out <decrypted_private.key>
```

You are viewing proxied material from sdf.org. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.