# OpenSSL Cheat Sheet
## Basics
General commands to analyze a certificate.
Test a TLS connection
```bash
openssl s_client -connect example.net:443
```
Get the certificate from a web endpoint
```bash
openssl s_client -showcerts -connect example.net:443 </dev/null
```
Check whether the private key of a certificate, key and CSR match
```bash
openssl rsa -noout -modulus -in example.key | openssl sha256
openssl x509 -noout -modulus -in example.crt | openssl sha256
openssl req -noout -modulus -in example.csr | openssl sha256
```
## Handling keys
Decrypt a RSA private key
```bash
openssl rsa -in <encrypted_private.key> -out <decrypted_private.key>
```