 +====== SSL / Openssl great way to secure it ======
 ==== SSL Issue and Resolution ==== ==== SSL Issue and Resolution ====
 **Generate 2048 Bit CSR for godaddy.** **Generate 2048 Bit CSR for godaddy.**
 <code bash> <code bash>
-openssl req -nodes -newkey rsa:2048 -keyout -out req -nodes -newkey rsa:4096 -sha512 ​-keyout -out
 </​code>​ </​code>​
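Review bot: the bold label above the command still reads "Generate 2048 Bit CSR for godaddy." while the changed line now requests rsa:4096 with -sha512, so the label and the command disagree; update the label to 4096. Because -nodes writes the private key unencrypted, it is also worth adding a line that tells readers to restrict permissions on the key file (for example chmod 600) before the CSR is sent off.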
Line 11: Line 13:
 **To check if certificate and key is matching "Match the MODULUS"​ in out of following command** **To check if certificate and key is matching "Match the MODULUS"​ in out of following command**
 <code bash> <code bash>
-openssl rsa -modulus -in <​*.key>​ +openssl rsa -noout ​-modulus -in <​*.key>​ 
-openssl x509 -modulus -in <​*.crt>​+openssl x509 -noout ​-modulus -in <​*.crt>​
 </​code>​ </​code>​
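Review bot: adding -noout to both commands is right, since without it the rsa command also prints the private key to the terminal, but the instruction still asks readers to match two long modulus strings by eye. Suggest piping each command through a digest, e.g. appending `| openssl sha256`, and comparing the two short hashes instead. The label text "in out of following command" should read "in the output of the following commands".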
Line 42: Line 44:
 </​code>​ </​code>​
 +**Print all available high ciphers.**
 +<code bash>
 +openssl ciphers HIGH
 [[https://​​ssldb/​index.html | Test SSL Server]] [[https://​​ssldb/​index.html | Test SSL Server]]
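Review bot: as shown, the added <code bash> block is never closed before the "Test SSL Server" link, so the link would render inside the code block; add the closing </code> after the `openssl ciphers HIGH` line. Consider `openssl ciphers -v 'HIGH:!aNULL'` instead: -v lists protocol, key exchange, authentication and encryption for each suite, and on some OpenSSL versions HIGH alone still includes anonymous (unauthenticated) suites that should not be enabled on a server.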
Line 105: Line 114:
 </​code>​ </​code>​
 +== Thawte ==
 [[https://​​library/​VERISIGN/​ALL_OTHER/​thawte%20ca/​SSL123_CA_Bundle.pem | SSL123 CA Bundle (1024)]]\\ [[https://​​library/​VERISIGN/​ALL_OTHER/​thawte%20ca/​SSL123_CA_Bundle.pem | SSL123 CA Bundle (1024)]]\\
Line 110: Line 121:
 [[https://​​support/​ssl-digital-certificates/​index?​page=content&​id=SO1498 | Instruction for other Certificates ]] [[https://​​support/​ssl-digital-certificates/​index?​page=content&​id=SO1498 | Instruction for other Certificates ]]
 +== GoDaddy ==
 +[[ https://​​anonymous/​repository.seam | Server Certificates ]]
 +== Verisign ==
 +[[ https://​​support/​ssl-certificates-support/​index?​page=content&​actp=CROSSLINK&​id=AR1409&​TID=retailssl | CA Bundle ]]
 ==== Self Signed SSL ==== ==== Self Signed SSL ====
 == Generating Private Key == == Generating Private Key ==
 <code bash> <code bash>
-openssl genrsa -des3 -out ​2048+openssl genrsa -des3 -out ​4096
 </​code>​ </​code>​
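Review bot: the changed genrsa line raises the key size to 4096 but keeps -des3, so the key file is still passphrase-protected with triple DES; -aes256 is the better choice there and genrsa accepts it directly. Style point on the new GoDaddy and Verisign entries: they open with "[[ https" (space after the brackets) while the existing links use "[[https", so pick one form for the page.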
Line 134: Line 150:
 <code bash> <code bash>
-openssl x509 -req -days 365 -in -signkey -out x509 -req -days 365 -in -signkey -out
 </​code>​ </​code>​
 +==== Wilcard Certificate ====
 +Wildcard Certificate is nothing diff. in mechanism except how much you pay.\\
 +Please read following information before you dive in.
- +  * While creating wildcard certificate you need to use "​*"​ as Common Name: 
 +     * e.g. * 
 +  * You can place wildcard certificate on any number of server simply you always need KEY / CRT combination moved / copied. 
 +    * so you can have multiple server with multiple sub-domain without issue. 
 +  * You do not need any special way to install / use it simply use as described above.
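Review bot: the bullet "You can place wildcard certificate on any number of server" recommends copying the same KEY / CRT pair everywhere without stating the cost: one compromised host exposes the private key for every sub-domain the wildcard covers, and replacing it means reissuing and redeploying on all of them. Add a sentence on limiting which servers hold the key and on file permissions for it. Also fix "Wilcard" in the heading, spell out "diff.", and complete the Common Name example, which as shown is a bare "*" with no domain after it.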
