LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   need help on implementing ssl (https://www.linuxquestions.org/questions/linux-security-4/need-help-on-implementing-ssl-570028/)

dianarani 07-17-2007 04:56 AM
need help on implementing ssl
 
Hello Everybody,
Please help me with good links to understand the basic concept and procedure of 'how to implement ssl'.Any brainstorms are appreciatable.

Thanks,

jschiwal 07-17-2007 06:00 AM
You could start with the documentation that came with ssl. It is a collection of programs. Even "openssl" has many subprograms. You can use "openssl command --help" to get more detailed help.

Code:
openssl crl help
unknown option help
usage: crl args

 -inform arg    - input format - default PEM (DER or PEM)
 -outform arg    - output format - default PEM
 -text          - print out a text format version
 -in arg        - input file - default stdin
 -out arg        - output file - default stdout
 -hash          - print hash value
 -fingerprint    - print the crl fingerprint
 -issuer        - print issuer DN
 -lastupdate    - lastUpdate field
 -nextupdate    - nextUpdate field
 -noout          - no CRL output
 -CAfile  name  - verify CRL using certificates in file "name"
 -CApath  dir    - verify CRL using certificates in "dir"
 -nameopt arg    - various certificate name options
There is an O'Reilly book on OpenSSL.

Also, look at the manpages that come with the openssl package:
Code:
/usr/share/man/man1/ca.1ssl.gz
/usr/share/man/man1/crl.1ssl.gz
/usr/share/man/man1/crl2pkcs7.1ssl.gz
/usr/share/man/man1/dgst.1ssl.gz
/usr/share/man/man1/dhparam.1ssl.gz
/usr/share/man/man1/dsa.1ssl.gz
/usr/share/man/man1/dsaparam.1ssl.gz
/usr/share/man/man1/enc.1ssl.gz
/usr/share/man/man1/gendsa.1ssl.gz
/usr/share/man/man1/genrsa.1ssl.gz
/usr/share/man/man1/nseq.1ssl.gz
/usr/share/man/man1/openssl.1ssl.gz
/usr/share/man/man1/passwd.1ssl.gz
/usr/share/man/man1/pkcs12.1ssl.gz
/usr/share/man/man1/pkcs7.1ssl.gz
/usr/share/man/man1/pkcs8.1ssl.gz
/usr/share/man/man1/rand.1ssl.gz
/usr/share/man/man1/req.1ssl.gz
/usr/share/man/man1/rsa.1ssl.gz
/usr/share/man/man1/rsautl.1ssl.gz
/usr/share/man/man1/s_client.1ssl.gz
/usr/share/man/man1/s_server.1ssl.gz
/usr/share/man/man1/smime.1ssl.gz
/usr/share/man/man1/spkac.1ssl.gz
/usr/share/man/man1/verify.1ssl.gz
/usr/share/man/man1/version.1ssl.gz
/usr/share/man/man1/x509.1ssl.gz
/usr/share/man/man3/crypto.3ssl.gz
/usr/share/man/man3/dsa.3ssl.gz
/usr/share/man/man3/rand.3ssl.gz
/usr/share/man/man3/rsa.3ssl.gz
/usr/share/man/man3/ssl.3ssl.gz
/usr/share/man/man3/x509.3ssl.gz
/usr/share/man/man5/config.5ssl.gz
Many of the manpages include something I wish all manpages had; examples!
Code:
EXAMPLES
      To remove the pass phrase on an RSA private key:

        openssl rsa -in key.pem -out keyout.pem

      To encrypt a private key using triple DES:

        openssl rsa -in key.pem -des3 -out keyout.pem

      To convert a private key from PEM to DER format:

        openssl rsa -in key.pem -outform DER -out keyout.der

      To print out the components of a private key to standard output:

        openssl rsa -in key.pem -text -noout

      To just output the public part of a private key:

        openssl rsa -in key.pem -pubout -out pubkey.pem


All times are GMT -5. The time now is 08:50 PM.