Command Line Utilities

From OpenSSLWiki
Revision as of 12:37, 22 May 2015 by Mxlbzn (talk | contribs) (fmt fix)
Jump to navigationJump to search

OpenSSL site command line tools

Getting started with your openssl toolkit

The openssl binary (usually /usr/bin/openssl on linux) is an entry point for many functions. You call it following the pattern

$ openssl command [ command_opts ] [ command_args ] 

Alternatively you can call it without arguments to enter the interactive mode with an 'OpenSSL>' prompt. Then you can directly type your commands. You can leave the interactive mode with Ctrl+C or Ctrl+D or by typing 'quit':

OpenSSL> quit

There are three different kinds of commands. These are standard commands, cipher commands, and message-digest commands. In the following an overview over some commands is given. These are grouped by purpose and not necessarily by the classification just mentioned.

Learn about your installation

List commands by type

You can get a list of available commands by calling

$ openssl list-standard-commands
$ openssl list-cipher-commands
$ openssl list-message-digest-commands

version

OpenSSL> version
OpenSSL 1.0.1e 11 Feb 2013

ciphers

returns SSL/TLS ciphers supported.

OpenSSL> ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:SRP-DSS-AES-256-CBC-SHA:SRP-RSA-AES-256-CBC-SHA:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:PSK-AES256-CBC-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:SRP-DSS-3DES-EDE-CBC-SHA:SRP-RSA-3DES-EDE-CBC-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:DES-CBC3-SHA:PSK-3DES-EDE-CBC-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:SRP-DSS-AES-128-CBC-SHA:SRP-RSA-AES-128-CBC-SHA:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:ECDH-RSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:SEED-SHA:CAMELLIA128-SHA:PSK-AES128-CBC-SHA:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5:PSK-RC4-SHA:EDH-RSA-DES-CBC-SHA:EDH-DSS-DES-CBC-SHA:DES-CBC-SHA:EXP-EDH-RSA-DES-CBC-SHA:EXP-EDH-DSS-DES-CBC-SHA:EXP-DES-CBC-SHA:EXP-RC2-CBC-MD5:EXP-RC4-MD5

openssl list-cipher-algorithms

openssl list-public-key-algorithms

Name: OpenSSL RSA method
	Type: Builtin Algorithm
	OID: rsaEncryption
	PEM string: RSA
Name: rsa
	Type: Alias to rsaEncryption
Name: OpenSSL PKCS#3 DH method
	Type: Builtin Algorithm
	OID: dhKeyAgreement
	PEM string: DH
Name: dsaWithSHA
	Type: Alias to dsaEncryption
Name: dsaEncryption-old
	Type: Alias to dsaEncryption
Name: dsaWithSHA1-old
	Type: Alias to dsaEncryption
Name: dsaWithSHA1
	Type: Alias to dsaEncryption
Name: OpenSSL DSA method
	Type: Builtin Algorithm
	OID: dsaEncryption
	PEM string: DSA
Name: OpenSSL EC algorithm
	Type: Builtin Algorithm
	OID: id-ecPublicKey
	PEM string: EC
Name: OpenSSL HMAC method
	Type: Builtin Algorithm
	OID: hmac
	PEM string: HMAC
Name: OpenSSL CMAC method
	Type: Builtin Algorithm
	OID: cmac
	PEM string: CMAC

engine

OpenSSL> engine
(rsax) RSAX engine support
(dynamic) Dynamic engine loading support

speed

returns informations of toolkit performance on cryptographic functions computations.

( Ex: on Linux 3.1.0-1-amd64 #1 SMP x86_64 GNU/Linux, HP dv7 i7 4Gb )

$ openssl speed
Doing md4 for 3s on 16 size blocks: 12430613 md4's in 3.00s
...
Doing md5 for 3s on 16 size blocks: 8943943 md5's in 2.99s
Doing md5 for 3s on 64 size blocks: 6560162 md5's in 3.00s
Doing md5 for 3s on 256 size blocks: 3674563 md5's in 3.00s
Doing md5 for 3s on 1024 size blocks: 1325803 md5's in 3.00s
Doing md5 for 3s on 8192 size blocks: 190271 md5's in 3.00s
Doing hmac(md5) for 3s on 16 size blocks: 7289025 hmac(md5)'s in 3.00s
Doing hmac(md5) for 3s on 64 size blocks: 5519732 hmac(md5)'s in 3.00s
Doing hmac(md5) for 3s on 256 size blocks: 3319123 hmac(md5)'s in 3.00s
Doing hmac(md5) for 3s on 1024 size blocks: 1275475 hmac(md5)'s in 3.00s
Doing hmac(md5) for 3s on 8192 size blocks: 187134 hmac(md5)'s in 3.00s
Doing sha1 for 3s on 16 size blocks: 10089842 sha1's in 2.99s
Doing sha1 for 3s on 64 size blocks: 7033355 sha1's in 3.00s
Doing sha1 for 3s on 256 size blocks: 3919372 sha1's in 3.00s
Doing sha1 for 3s on 1024 size blocks: 1374314 sha1's in 3.00s
Doing sha1 for 3s on 8192 size blocks: 198808 sha1's in 3.00s
Doing sha256 for 3s on 16 size blocks: 6462822 sha256's in 3.00s
Doing sha256 for 3s on 64 size blocks: 3504641 sha256's in 3.00s
Doing sha256 for 3s on 256 size blocks: 1486771 sha256's in 3.00s
Doing sha256 for 3s on 1024 size blocks: 440613 sha256's in 3.00s
Doing sha256 for 3s on 8192 size blocks: 58418 sha256's in 3.00s
Doing sha512 for 3s on 16 size blocks: 5040453 sha512's in 2.99s
Doing sha512 for 3s on 64 size blocks: 5089425 sha512's in 3.00s
Doing sha512 for 3s on 256 size blocks: 1865240 sha512's in 3.00s
Doing sha512 for 3s on 1024 size blocks: 643708 sha512's in 3.00s
Doing sha512 for 3s on 8192 size blocks: 90615 sha512's in 3.00s
...
Doing whirlpool for 3s on 8192 size blocks: 33204 whirlpool's in 3.00s
...
Doing rmd160 for 3s on 8192 size blocks: 66719 rmd160's in 3.00s
...
Doing rc4 for 3s on 8192 size blocks: 238972 rc4's in 3.00s
...
Doing des cbc for 3s on 8192 size blocks: 19837 des cbc's in 3.00s
...
Doing des ede3 for 3s on 8192 size blocks: 7706 des ede3's in 3.00s
...
Doing aes-128 cbc for 3s on 8192 size blocks: 35217 aes-128 cbc's in 3.00s
...
Doing aes-192 cbc for 3s on 8192 size blocks: 29225 aes-192 cbc's in 3.01s
...
Doing aes-256 cbc for 3s on 8192 size blocks: 24414 aes-256 cbc's in 3.00s
...
Doing aes-256 ige for 3s on 8192 size blocks: 23331 aes-256 ige's in 2.99s
...

Basic encryption

The command for symmetric encryption/decryption operations is openssl enc.

For public key asymmetric encryption/decryption/sign/verify operations, use pkeyutl or the older RSA-specific rsautl.

Basic file

to cipher a file or data to protect and share it protected by a shared key.

symmetric cipher : AES Blowfish RC4 3DES RC2 DES CAST5 SEED

block to stream conversion : ECB CBC OFB CFB CTR XTS GCM

compression : ZLIB

Cipher commands (see the `enc' command for more details)
aes-128-cbc       aes-128-ecb       aes-192-cbc       aes-192-ecb       
aes-256-cbc       aes-256-ecb       base64            bf                
bf-cbc            bf-cfb            bf-ecb            bf-ofb            
camellia-128-cbc  camellia-128-ecb  camellia-192-cbc  camellia-192-ecb  
camellia-256-cbc  camellia-256-ecb  cast              cast-cbc          
cast5-cbc         cast5-cfb         cast5-ecb         cast5-ofb         
des               des-cbc           des-cfb           des-ecb           
des-ede           des-ede-cbc       des-ede-cfb       des-ede-ofb       
des-ede3          des-ede3-cbc      des-ede3-cfb      des-ede3-ofb      
des-ofb           des3              desx              rc2               
rc2-40-cbc        rc2-64-cbc        rc2-cbc           rc2-cfb           
rc2-ecb           rc2-ofb           rc4               rc4-40            
seed              seed-cbc          seed-cfb          seed-ecb          
seed-ofb          zlib
openssl enc --help
unknown option '--help'
options are
-in <file>     input file
-out <file>    output file
-pass <arg>    pass phrase source
-e             encrypt
-d             decrypt
-a/-base64     base64 encode/decode, depending on encryption flag
-k             passphrase is the next argument
-kfile         passphrase is the first line of the file argument
-md            the next argument is the md to use to create a key
                 from a passphrase.  One of md2, md5, sha or sha1
-S             salt in hex is the next argument
-K/-iv         key/iv in hex is the next argument
-[pP]          print the iv/key (then exit if -P)
-bufsize <n>   buffer size
-nopad         disable standard block padding
-engine e      use engine e, possibly a hardware device.
Cipher Types
-aes-128-cbc               -aes-128-cfb               -aes-128-cfb1             
-aes-128-cfb8              -aes-128-ctr               -aes-128-ecb              
-aes-128-gcm               -aes-128-ofb               -aes-128-xts              
-aes-192-cbc               -aes-192-cfb               -aes-192-cfb1             
-aes-192-cfb8              -aes-192-ctr               -aes-192-ecb              
-aes-192-gcm               -aes-192-ofb               -aes-256-cbc              
-aes-256-cfb               -aes-256-cfb1              -aes-256-cfb8             
-aes-256-ctr               -aes-256-ecb               -aes-256-gcm              
-aes-256-ofb               -aes-256-xts               -aes128                   
-aes192                    -aes256                    -bf                       
-bf-cbc                    -bf-cfb                    -bf-ecb                   
-bf-ofb                    -blowfish                  -camellia-128-cbc         
-camellia-128-cfb          -camellia-128-cfb1         -camellia-128-cfb8        
-camellia-128-ecb          -camellia-128-ofb          -camellia-192-cbc         
-camellia-192-cfb          -camellia-192-cfb1         -camellia-192-cfb8        
-camellia-192-ecb          -camellia-192-ofb          -camellia-256-cbc         
-camellia-256-cfb          -camellia-256-cfb1         -camellia-256-cfb8        
-camellia-256-ecb          -camellia-256-ofb          -camellia128              
-camellia192               -camellia256               -cast                     
-cast-cbc                  -cast5-cbc                 -cast5-cfb                
-cast5-ecb                 -cast5-ofb                 -des                      
-des-cbc                   -des-cfb                   -des-cfb1                 
-des-cfb8                  -des-ecb                   -des-ede                  
-des-ede-cbc               -des-ede-cfb               -des-ede-ofb              
-des-ede3                  -des-ede3-cbc              -des-ede3-cfb             
-des-ede3-cfb1             -des-ede3-cfb8             -des-ede3-ofb             
-des-ofb                   -des3                      -desx                     
-desx-cbc                  -id-aes128-GCM             -id-aes192-GCM            
-id-aes256-GCM             -rc2                       -rc2-40-cbc               
-rc2-64-cbc                -rc2-cbc                   -rc2-cfb                  
-rc2-ecb                   -rc2-ofb                   -rc4                      
-rc4-40                    -rc4-hmac-md5              -seed                     
-seed-cbc                  -seed-cfb                  -seed-ecb                 
-seed-ofb  

Mail / SMIME

smime v2 pkcs7 1.5
openssl smime --help
Usage smime [options] cert.pem ...
where options are
-encrypt       encrypt message
-decrypt       decrypt encrypted message
-sign          sign message
-verify        verify signed message
-pk7out        output PKCS#7 structure
-des3          encrypt with triple DES
-des           encrypt with DES
-seed          encrypt with SEED
-rc2-40        encrypt with RC2-40 (default)
-rc2-64        encrypt with RC2-64
-rc2-128       encrypt with RC2-128
-aes128, -aes192, -aes256
               encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
               encrypt PEM output with cbc camellia
-nointern      don't search certificates in message for signer
-nosigs        don't verify message signature
-noverify      don't verify signers certificate
-nocerts       don't include signers certificate when signing
-nodetach      use opaque signing
-noattr        don't include any signed attributes
-binary        don't translate message to text
-certfile file other certificates file
-signer file   signer certificate file
-recip  file   recipient certificate file for decryption
-in file       input file
-inform arg    input format SMIME (default), PEM or DER
-inkey file    input private key (if not signer or recipient)
-keyform arg   input private key format (PEM or ENGINE)
-out file      output file
-outform arg   output format SMIME (default), PEM or DER
-content file  supply or override content for detached signature
-to addr       to address
-from ad       from address
-subject s     subject
-text          include or delete text MIME headers
-CApath dir    trusted certificates directory
-CAfile file   trusted certificates file
-crl_check     check revocation status of signer's certificate using CRLs
-crl_check_all check revocation status of signer's certificate chain using CRLs
-engine e      use engine e, possibly a hardware device.
-passin arg    input file pass phrase source
-rand file:file:...
               load the file (or the files in the directory) into
               the random number generator
cert.pem       recipient certificate(s) for encryption
smime v3 cms
openssl cms --help
Usage cms [options] cert.pem ...
where options are
-encrypt       encrypt message
-decrypt       decrypt encrypted message
-sign          sign message
-verify        verify signed message
-cmsout        output CMS structure
-des3          encrypt with triple DES
-des           encrypt with DES
-seed          encrypt with SEED
-rc2-40        encrypt with RC2-40 (default)
-rc2-64        encrypt with RC2-64
-rc2-128       encrypt with RC2-128
-aes128, -aes192, -aes256
               encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
               encrypt PEM output with cbc camellia
-nointern      don't search certificates in message for signer
-nosigs        don't verify message signature
-noverify      don't verify signers certificate
-nocerts       don't include signers certificate when signing
-nodetach      use opaque signing
-noattr        don't include any signed attributes
-binary        don't translate message to text
-certfile file other certificates file
-certsout file certificate output file
-signer file   signer certificate file
-recip  file   recipient certificate file for decryption
-keyid         use subject key identifier
-in file       input file
-inform arg    input format SMIME (default), PEM or DER
-inkey file    input private key (if not signer or recipient)
-keyform arg   input private key format (PEM or ENGINE)
-out file      output file
-outform arg   output format SMIME (default), PEM or DER
-content file  supply or override content for detached signature
-to addr       to address
-from ad       from address
-subject s     subject
-text          include or delete text MIME headers
-CApath dir    trusted certificates directory
-CAfile file   trusted certificates file
-crl_check     check revocation status of signer's certificate using CRLs
-crl_check_all check revocation status of signer's certificate chain using CRLs
-engine e      use engine e, possibly a hardware device.
-passin arg    input file pass phrase source
-rand file:file:...
               load the file (or the files in the directory) into
               the random number generator
cert.pem       recipient certificate(s) for encryption

Public Key Cryptographic Operations

openssl pkeyutl --help
Usage: pkeyutl [options]
-in file        input file
-out file       output file
-sigfile file signature file (verify operation only)
-inkey file     input key
-keyform arg    private key format - default PEM
-pubin          input is a public key
-certin         input is a certificate carrying a public key
-pkeyopt X:Y    public key options
-sign           sign with private key
-verify         verify with public key
-verifyrecover  verify with public key, recover original data
-encrypt        encrypt with public key
-decrypt        decrypt with private key
-derive         derive shared secret
-hexdump        hex dump output
-engine e       use engine e, possibly a hardware device.
-passin arg     pass phrase source

Legacy RSA command:

openssl rsautl --help
Usage: rsautl [options]
-in file        input file
-out file       output file
-inkey file     input key
-keyform arg    private key format - default PEM
-pubin          input is an RSA public
-certin         input is a certificate carrying an RSA public key
-ssl            use SSL v2 padding
-raw            use no padding
-pkcs           use PKCS#1 v1.5 padding (default)
-oaep           use PKCS#1 OAEP
-sign           sign with private key
-verify         verify with public key
-encrypt        encrypt with public key
-decrypt        decrypt with private key
-hexdump        hex dump output
-engine e       use engine e, possibly a hardware device.
-passin arg    pass phrase source

Create / Handle Public Key Certificates

This requires you have a knowledge of what PKI is ( Certificate Authorities, Certificate Request, Certificate, Public Key, Private Key )

Classical use case is to obtain a valid Certificate for a Secured Web site ( https protocol ). First you create a Private Key ( will be created together with Public key ). Then create a Certificate Request for that private key with some informations for purpose of future Certificate. Then send that Certificate Request to a Certificate Authority ( CA ) that will issue a Certificate that CA signed. For well known CA you need to pay. Up to you to install your Private key together with the received Certificate on your system.

It exists graphical front-end to operate openssl wihtin a GUI : XCA

Key Generation

rsa / genrsa

RSA is the most common type of Public/Private Key. Private Key part should never be disclosed while public key part is ... public.

openssl genrsa --help
usage: genrsa [args] [numbits]
 -des            encrypt the generated key with DES in cbc mode
 -des3           encrypt the generated key with DES in ede cbc mode (168 bit key)
 -seed
                 encrypt PEM output with cbc seed
 -aes128, -aes192, -aes256
                 encrypt PEM output with cbc aes
 -camellia128, -camellia192, -camellia256
                 encrypt PEM output with cbc camellia
 -out file       output the key to 'file
 -passout arg    output file pass phrase source
 -f4             use F4 (0x10001) for the E value
 -3              use 3 for the E value
 -engine e       use engine e, possibly a hardware device.
 -rand file:file:...
                 load the file (or the files in the directory) into
                 the random number generator
rsa help
unknown option help
rsa [options] <infile >outfile
where options are
 -inform arg     input format - one of DER NET PEM
 -outform arg    output format - one of DER NET PEM
 -in arg         input file
 -sgckey         Use IIS SGC key format
 -passin arg     input file pass phrase source
 -out arg        output file
 -passout arg    output file pass phrase source
 -des            encrypt PEM output with cbc des
 -des3           encrypt PEM output with ede cbc des using 168 bit key
 -seed           encrypt PEM output with cbc seed
 -aes128, -aes192, -aes256
                 encrypt PEM output with cbc aes
 -camellia128, -camellia192, -camellia256
                 encrypt PEM output with cbc camellia
 -text           print the key in text
 -noout          don't print key out
 -modulus        print the RSA key modulus
 -check          verify key consistency
 -pubin          expect a public key in input file
 -pubout         output a public key
 -engine e       use engine e, possibly a hardware device.
error in rsa
dsa / gendsa

dsa is a less common Public/Private key scheme, but can be seen anyway, so ...

openssl gendsa
usage: gendsa [args] dsaparam-file
 -out file - output the key to 'file'
 -des      - encrypt the generated key with DES in cbc mode
 -des3     - encrypt the generated key with DES in ede cbc mode (168 bit key)
 -seed
                 encrypt PEM output with cbc seed
 -aes128, -aes192, -aes256
                 encrypt PEM output with cbc aes
 -camellia128, -camellia192, -camellia256
                 encrypt PEM output with cbc camellia
 -engine e - use engine e, possibly a hardware device.
 -rand file:file:...
           - load the file (or the files in the directory) into
             the random number generator
 dsaparam-file
           - a DSA parameter file as generated by the dsaparam command

OpenSSL> dsa help
unknown option help
dsa [options] <infile >outfile
where options are
 -inform arg     input format - DER or PEM
 -outform arg    output format - DER or PEM
 -in arg         input file
 -passin arg     input file pass phrase source
 -out arg        output file
 -passout arg    output file pass phrase source
 -engine e       use engine e, possibly a hardware device.
 -des            encrypt PEM output with cbc des
 -des3           encrypt PEM output with ede cbc des using 168 bit key
 -aes128, -aes192, -aes256
                 encrypt PEM output with cbc aes
 -camellia128, -camellia192, -camellia256
                 encrypt PEM output with cbc camellia
 -seed           encrypt PEM output with cbc seed
 -text           print the key in text
 -noout          don't print key out
 -modulus        print the DSA public value
error in dsa
Elliptic Curves / ec ecparam

Elliptic_Curve_Cryptography

See Command Line Elliptic Curve Operations for a description of these commands.

openssl ecparam --help
unknown option --help
ecparam [options] <infile >outfile
where options are
 -inform arg       input format - default PEM (DER or PEM)
 -outform arg      output format - default PEM
 -in  arg          input file  - default stdin
 -out arg          output file - default stdout
 -noout            do not print the ec parameter
 -text             print the ec parameters in text form
 -check            validate the ec parameters
 -C                print a 'C' function creating the parameters
 -name arg         use the ec parameters with 'short name' name
 -list_curves      prints a list of all currently available curve 'short names'
 -conv_form arg    specifies the point conversion form 
                   possible values: compressed
                                    uncompressed (default)
                                    hybrid
 -param_enc arg    specifies the way the ec parameters are encoded
                   in the asn1 der encoding
                   possible values: named_curve (default)
                                    explicit
 -no_seed          if 'explicit' parameters are chosen do not use the seed
 -genkey           generate ec key
 -rand file        files to use for random number input
 -engine e         use engine e, possibly a hardware device
ec [options] <infile >outfile
where options are
 -inform arg     input format - DER or PEM
 -outform arg    output format - DER or PEM
 -in arg         input file
 -passin arg     input file pass phrase source
 -out arg        output file
 -passout arg    output file pass phrase source
 -engine e       use engine e, possibly a hardware device.
 -des            encrypt PEM output, instead of 'des' every other 
                 cipher supported by OpenSSL can be used
 -text           print the key
 -noout          don't print key out
 -param_out      print the elliptic curve parameters
 -conv_form arg  specifies the point conversion form 
                 possible values: compressed
                                  uncompressed (default)
                                   hybrid
 -param_enc arg  specifies the way the ec parameters are encoded
                 in the asn1 der encoding
                 possible values: named_curve (default)
                                  explicit

Certificate Authority / ca

When you want to act as a Certificate Authority.

OpenSSL> ca
Using configuration from /usr/lib/ssl/openssl.cnf
Error opening CA private key ./demoCA/private/cakey.pem
140492277311144:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('./demoCA/private/cakey.pem','r')
140492277311144:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
unable to load CA private key
error in ca

By default you don't have ca created...

Certificate Request / pkcs10 / req

OpenSSL> req ?
unknown option ?
req [options] <infile >outfile
where options  are
 -inform arg    input format - DER or PEM
 -outform arg   output format - DER or PEM
 -in arg        input file
 -out arg       output file
 -text          text form of request
 -pubkey        output public key
 -noout         do not output REQ
 -verify        verify signature on REQ
 -modulus       RSA modulus
 -nodes         don't encrypt the output key
 -engine e      use engine e, possibly a hardware device
 -subject       output the request's subject
 -passin        private key password source
 -key file      use the private key contained in file
 -keyform arg   key file format
 -keyout arg    file to send the key to
 -rand file:file:...
                load the file (or the files in the directory) into
                the random number generator
 -newkey rsa:bits generate a new RSA key of 'bits' in size
 -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'
 -newkey ec:file generate a new EC key, parameters taken from CA in 'file'
 -[digest]      Digest to sign with (md5, sha1, md2, mdc2, md4)
 -config file   request template file.
 -subj arg      set or modify request subject
 -multivalue-rdn enable support for multivalued RDNs
 -new           new request.
 -batch         do not ask anything during request generation
 -x509          output a x509 structure instead of a cert. req.
 -days          number of days a certificate generated by -x509 is valid for.
 -set_serial    serial number to use for a certificate generated by -x509.
 -newhdr        output "NEW" in the header lines
 -asn1-kludge   Output the 'request' in a format that is wrong but some CA's
                have been reported as requiring
 -extensions .. specify certificate extension section (override value in config file)
 -reqexts ..    specify request extension section (override value in config file)
 -utf8          input characters are UTF8 (default ASCII)
 -nameopt arg    - various certificate name options
 -reqopt arg    - various request text options

error in req

Certificates AKA x509

x509 command allows you to display content of a x509 certificate and to convert it from/to PEM, NET or DER formats.

OpenSSL> x509 help
unknown option help
usage: x509 args
 -inform arg     - input format - default PEM (one of DER, NET or PEM)
 -outform arg    - output format - default PEM (one of DER, NET or PEM)
 -keyform arg    - private key format - default PEM
 -CAform arg     - CA format - default PEM
 -CAkeyform arg  - CA key format - default PEM
 -in arg         - input file - default stdin
 -out arg        - output file - default stdout
 -passin arg     - private key password source
 -serial         - print serial number value
 -subject_hash   - print subject hash value
 -subject_hash_old   - print old-style (MD5) subject hash value
 -issuer_hash    - print issuer hash value
 -issuer_hash_old    - print old-style (MD5) issuer hash value
 -hash           - synonym for -subject_hash
 -subject        - print subject DN
 -issuer         - print issuer DN
 -email          - print email address(es)
 -startdate      - notBefore field
 -enddate        - notAfter field
 -purpose        - print out certificate purposes
 -dates          - both Before and After dates
 -modulus        - print the RSA key modulus
 -pubkey         - output the public key
 -fingerprint    - print the certificate fingerprint
 -alias          - output certificate alias
 -noout          - no certificate output
 -ocspid         - print OCSP hash values for the subject name and public key
 -ocsp_uri       - print OCSP Responder URL(s)
 -trustout       - output a "trusted" certificate
 -clrtrust       - clear all trusted purposes
 -clrreject      - clear all rejected purposes
 -addtrust arg   - trust certificate for a given purpose
 -addreject arg  - reject certificate for a given purpose
 -setalias arg   - set certificate alias
 -days arg       - How long till expiry of a signed certificate - def 30 days
 -checkend arg   - check whether the cert expires in the next arg seconds
                   exit 1 if so, 0 if not
 -signkey arg    - self sign cert with arg
 -x509toreq      - output a certification request object
 -req            - input is a certificate request, sign and output.
 -CA arg         - set the CA certificate, must be PEM format.
 -CAkey arg      - set the CA key, must be PEM format
                   missing, it is assumed to be in the CA file.
 -CAcreateserial - create serial number file if it does not exist
 -CAserial arg   - serial file
 -set_serial     - serial number to use
 -text           - print the certificate in text form
 -C              - print out C code forms
 -md2/-md5/-sha1/-mdc2 - digest to use
 -extfile        - configuration file with X509V3 extensions to add
 -extensions     - section from config file with X509V3 extensions to add
 -clrext         - delete extensions before signing and input certificate
 -nameopt arg    - various certificate name options
 -engine e       - use engine e, possibly a hardware device.
 -certopt arg    - various certificate text options

Client Certificates AKA pkcs12

Client Certificate is a language abuse, but anyway it is kind of file you need to install on your system when SSL/TLS server require Client Authentication. Those kind of certificates credentials are known with .pkcs12 or .pfx file extension. They contains a x509 Certificate and the public/private key of client. Those files are then very sensible to handle with same security as a private key.

Usage: pkcs12 [options]
where options are
-export       output PKCS12 file
-chain        add certificate chain
-inkey file   private key if not infile
-certfile f   add all certs in f
-CApath arg   - PEM format directory of CA's
-CAfile arg   - PEM format file of CA's
-name "name"  use name as friendly name
-caname "nm"  use nm as CA friendly name (can be used more than once).
-in  infile   input filename
-out outfile  output filename
-noout        don't output anything, just verify.
-nomacver     don't verify MAC.
-nocerts      don't output certificates.
-clcerts      only output client certificates.
-cacerts      only output CA certificates.
-nokeys       don't output private keys.
-info         give info about PKCS#12 structure.
-des          encrypt private keys with DES
-des3         encrypt private keys with triple DES (default)
-seed         encrypt private keys with seed
-aes128, -aes192, -aes256
              encrypt PEM output with cbc aes
-camellia128, -camellia192, -camellia256
              encrypt PEM output with cbc camellia
-nodes        don't encrypt private keys
-noiter       don't use encryption iteration
-nomaciter    don't use MAC iteration
-maciter      use MAC iteration
-nomac        don't generate MAC
-twopass      separate MAC, encryption passwords
-descert      encrypt PKCS#12 certificates with triple DES (default RC2-40)
-certpbe alg  specify certificate PBE algorithm (default RC2-40)
-keypbe alg   specify private key PBE algorithm (default 3DES)
-macalg alg   digest algorithm used in MAC (default SHA1)
-keyex        set MS key exchange type
-keysig       set MS key signature type
-password p   set import/export password source
-passin p     input file pass phrase source
-passout p    output file pass phrase source
-engine e     use engine e, possibly a hardware device.
-rand file:file:...
              load the file (or the files in the directory) into
              the random number generator
-CSP name     Microsoft CSP name
-LMK          Add local machine keyset attribute to private key

SSL/TLS and Certificates ONLINE services

s_server

This implements a generic SSL/TLS server.

openssl s_server
Error opening server certificate private key file server.pem
139811478357672:error:02001002:system library:fopen:No such file or directory:bss_file.c:398:fopen('server.pem','r')
139811478357672:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400:
unable to load server certificate private key file

you need to provide certificate and private key to be able to run SSL/TLS server.

openssl s_server --help
unknown option --help
usage: s_server [args ...]

 -accept arg   - port to accept on (default is 4433)
 -context arg  - set session ID context
 -verify arg   - turn on peer certificate verification
 -Verify arg   - turn on peer certificate verification, must have a cert.
 -cert arg     - certificate file to use
                 (default is server.pem)
 -crl_check    - check the peer certificate has not been revoked by its CA.
                 The CRL(s) are appended to the certificate file
 -crl_check_all - check the peer certificate has not been revoked by its CA
                 or any other CRL in the CA chain. CRL(s) are appened to the
                 the certificate file.
 -certform arg - certificate format (PEM or DER) PEM default
 -key arg      - Private Key file to use, in cert file if
                 not specified (default is server.pem)
 -keyform arg  - key format (PEM, DER or ENGINE) PEM default
 -pass arg     - private key file pass phrase source
 -dcert arg    - second certificate file to use (usually for DSA)
 -dcertform x  - second certificate format (PEM or DER) PEM default
 -dkey arg     - second private key file to use (usually for DSA)
 -dkeyform arg - second key format (PEM, DER or ENGINE) PEM default
 -dpass arg    - second private key file pass phrase source
 -dhparam arg  - DH parameter file to use, in cert file if not specified
                 or a default set of parameters is used
 -named_curve arg  - Elliptic curve name to use for ephemeral ECDH keys.
                 Use "openssl ecparam -list_curves" for all names
                 (default is nistp256).
 -nbio         - Run with non-blocking IO
 -nbio_test    - test with the non-blocking test bio
 -crlf         - convert LF from terminal into CRLF
 -debug        - Print more output
 -msg          - Show protocol messages
 -state        - Print the SSL states
 -CApath arg   - PEM format directory of CA's
 -CAfile arg   - PEM format file of CA's
 -nocert       - Don't use any certificates (Anon-DH)
 -cipher arg   - play with 'openssl ciphers' to see what goes here
 -serverpref   - Use server's cipher preferences
 -quiet        - No server output
 -no_tmp_rsa   - Do not generate a tmp RSA key
 -psk_hint arg - PSK identity hint to use
 -psk arg      - PSK in hex (without 0x)
 -srpvfile file      - The verifier file for SRP
 -srpuserseed string - A seed string for a default user salt.
 -ssl2         - Just talk SSLv2
 -ssl3         - Just talk SSLv3
 -tls1_2       - Just talk TLSv1.2
 -tls1_1       - Just talk TLSv1.1
 -tls1         - Just talk TLSv1
 -dtls1        - Just talk DTLSv1
 -timeout      - Enable timeouts
 -mtu          - Set link layer MTU
 -chain        - Read a certificate chain
 -no_ssl2      - Just disable SSLv2
 -no_ssl3      - Just disable SSLv3
 -no_tls1      - Just disable TLSv1
 -no_tls1_1    - Just disable TLSv1.1
 -no_tls1_2    - Just disable TLSv1.2
 -no_dhe       - Disable ephemeral DH
 -no_ecdhe     - Disable ephemeral ECDH
 -bugs         - Turn on SSL bug compatibility
 -www          - Respond to a 'GET /' with a status page
 -WWW          - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>
 -HTTP         - Respond to a 'GET /<path> HTTP/1.0' with file ./<path>
                 with the assumption it contains a complete HTTP response.
 -engine id    - Initialise and use the specified engine
 -id_prefix arg - Generate SSL/TLS session IDs prefixed by 'arg'
 -rand file:file:...
 -servername host - servername for HostName TLS extension
 -servername_fatal - on mismatch send fatal alert (default warning alert)
 -cert2 arg    - certificate file to use for servername
                 (default is server2.pem)
 -key2 arg     - Private Key file to use for servername, in cert file if
                 not specified (default is server2.pem)
 -tlsextdebug  - hex dump of all TLS extensions received
 -no_ticket    - disable use of RFC4507bis session tickets
 -legacy_renegotiation - enable use of legacy renegotiation (dangerous)
 -nextprotoneg arg - set the advertised protocols for the NPN extension (comma-separated list)
 -use_srtp profiles - Offer SRTP key management with a colon-separated profile list
 -keymatexport label   - Export keying material using label
 -keymatexportlen len  - Export len bytes of keying material (default 20)

s_client

This implements a generic SSL/TLS client

unknown option --help
usage: s_client args

 -host host     - use -connect instead
 -port port     - use -connect instead
 -connect host:port - who to connect to (default is localhost:4433)
 -verify arg   - turn on peer certificate verification
 -cert arg     - certificate file to use, PEM format assumed
 -certform arg - certificate format (PEM or DER) PEM default
 -key arg      - Private key file to use, in cert file if
                 not specified but cert file is.
 -keyform arg  - key format (PEM or DER) PEM default
 -pass arg     - private key file pass phrase source
 -CApath arg   - PEM format directory of CA's
 -CAfile arg   - PEM format file of CA's
 -reconnect    - Drop and re-make the connection with the same Session-ID
 -pause        - sleep(1) after each read(2) and write(2) system call
 -showcerts    - show all certificates in the chain
 -debug        - extra output
 -msg          - Show protocol messages
 -nbio_test    - more ssl protocol testing
 -state        - print the 'ssl' states
 -nbio         - Run with non-blocking IO
 -crlf         - convert LF from terminal into CRLF
 -quiet        - no s_client output
 -ign_eof      - ignore input eof (default when -quiet)
 -no_ign_eof   - don't ignore input eof
 -psk_identity arg - PSK identity
 -psk arg      - PSK in hex (without 0x)
 -srpuser user     - SRP authentification for 'user'
 -srppass arg      - password for 'user'
 -srp_lateuser     - SRP username into second ClientHello message
 -srp_moregroups   - Tolerate other than the known g N values.
 -srp_strength int - minimal mength in bits for N (default 1024).
 -ssl2         - just use SSLv2
 -ssl3         - just use SSLv3
 -tls1_2       - just use TLSv1.2
 -tls1_1       - just use TLSv1.1
 -tls1         - just use TLSv1
 -dtls1        - just use DTLSv1
 -mtu          - set the link layer MTU
 -no_tls1_2/-no_tls1_1/-no_tls1/-no_ssl3/-no_ssl2 - turn off that protocol
 -bugs         - Switch on all SSL implementation bug workarounds
 -serverpref   - Use server's cipher preferences (only SSLv2)
 -cipher       - preferred cipher to use, use the 'openssl ciphers'
                 command to see what is available
 -starttls prot - use the STARTTLS command before starting TLS
                 for those protocols that support it, where
                 'prot' defines which one to assume.  Currently,
                 only "smtp", "pop3", "imap", "ftp" and "xmpp"
                 are supported.
 -engine id    - Initialise and use the specified engine
 -rand file:file:...
 -sess_out arg - file to write SSL session to
 -sess_in arg  - file to read SSL session from
 -servername host  - Set TLS extension servername in ClientHello
 -tlsextdebug      - hex dump of all TLS extensions received
 -status           - request certificate status from server
 -no_ticket        - disable use of RFC4507bis session tickets
 -nextprotoneg arg - enable NPN extension, considering named protocols supported (comma-separated list)
 -legacy_renegotiation - enable use of legacy renegotiation (dangerous)
 -use_srtp profiles - Offer SRTP key management with a colon-separated profile list
 -keymatexport label   - Export keying material using label
 -keymatexportlen len  - Export len bytes of keying material (default 20)

ocsp

Signing / Digest and Timestamping

Signing / Digest

openssl dgst --help
unknown option '--help'
options are
-c              to output the digest with separating colons
-r              to output the digest in coreutils format
-d              to output debug info
-hex            output as hex dump
-binary         output in binary form
-hmac arg       set the HMAC key to arg
-non-fips-allow allow use of non FIPS digest
-sign   file    sign digest using private key in file
-verify file    verify a signature using public key in file
-prverify file  verify a signature using private key in file
-keyform arg    key file format (PEM or ENGINE)
-out filename   output to filename rather than stdout
-signature file signature to verify
-sigopt nm:v    signature parameter
-hmac key       create hashed MAC with key
-mac algorithm  create MAC (not neccessarily HMAC)
-macopt nm:v    MAC algorithm parameters or key
-engine e       use engine e, possibly a hardware device.
-md4            to use the md4 message digest algorithm
-md5            to use the md5 message digest algorithm
-ripemd160      to use the ripemd160 message digest algorithm
-sha            to use the sha message digest algorithm
-sha1           to use the sha1 message digest algorithm
-sha224         to use the sha224 message digest algorithm
-sha256         to use the sha256 message digest algorithm
-sha384         to use the sha384 message digest algorithm
-sha512         to use the sha512 message digest algorithm
-whirlpool      to use the whirlpool message digest algorithm

timestamping

openssl ts

usage:
ts -query [-rand file:file:...] [-config configfile] [-data file_to_hash] [-digest digest_bytes][-md2|-md4|-md5|-sha|-sha1|-mdc2|-ripemd160] [-policy object_id] [-no_nonce] [-cert] [-in request.tsq] [-out request.tsq] [-text]
or
ts -reply [-config configfile] [-section tsa_section] [-queryfile request.tsq] [-passin password] [-signer tsa_cert.pem] [-inkey private_key.pem] [-chain certs_file.pem] [-policy object_id] [-in response.tsr] [-token_in] [-out response.tsr] [-token_out] [-text] [-engine id]
or
ts -verify [-data file_to_hash] [-digest digest_bytes] [-queryfile request.tsq] -in response.tsr [-token_in] -CApath ca_path -CAfile ca_file.pem -untrusted cert_file.pem

Data handling

ASN.1

DER decoding

openssl asn1parse --help
unknown option --help
asn1parse [options] <infile
where options are
 -inform arg   input format - one of DER PEM
 -in arg       input file
 -out arg      output file (output format is always DER
 -noout arg    don't produce any output
 -offset arg   offset into file
 -length arg   length of section in file
 -i            indent entries
 -dump         dump unknown data in hex form
 -dlimit arg   dump the first arg bytes of unknown data in hex form
 -oid file     file of extra oid definitions
 -strparse offset
               a series of these can be used to 'dig' into multiple
               ASN1 blob wrappings
 -genstr str   string to generate ASN1 structure from
 -genconf file file to generate ASN1 structure from

Base64

base64 encoding / decoding

Base64

a String
openssl base64 -e <<< 'Welcome to openssl wiki'
V2VsY29tZSB0byBvcGVuc3NsIHdpa2kK
openssl base64 -d <<< 'V2VsY29tZSB0byBvcGVuc3NsIHdpa2kK'
Welcome to openssl wiki

warning base64 line length is limited to 76 characters by default in openssl ( and generated with 64 characters / line ).

openssl base64 -e <<< 'Welcome to openssl wiki with a very long line that splits...'
V2VsY29tZSB0byBvcGVuc3NsIHdpa2kgd2l0aCBhIHZlcnkgbG9uZyBsaW5lIHRo
YXQgc3BsaXRzLi4uCg==
openssl base64 -d <<< 'V2VsY29tZSB0byBvcGVuc3NsIHdpa2kgd2l0aCBhIHZlcnkgbG9uZyBsaW5lIHRoYXQgc3BsaXRzLi4uCg=='

=> NOTHING !

to be able to decode a base64 line without line feed that exceed 76 characters use -A option :

openssl base64 -d -A <<< 'V2VsY29tZSB0byBvcGVuc3NsIHdpa2kgd2l0aCBhIHZlcnkgbG9uZyBsaW5lIHRoYXQgc3BsaXRzLi4uCg=='
Welcome to openssl wiki with a very long line that splits...

This is anyway better to actualy split base64 result in 64 characters lines since -A option is BUGGY ( limit with long files ).

DER <-> PEM conversion

Many openSSL commands do support both PEM and DER formats on both inputs and outputs. The formats are specified with inform and outform optional parameters (default is usually PEM). Then it is easy to read it in a format and write it in another.

For instance, you have downloaded a certificate in DER and you need to PEM version for some signature verification commands. The x509 command that handles certificates will simply be invoked as:

OpenSSL> x509 -inform DER -in MyCertificate.der -out MyCertificate.pem

pkcs8 / pkcs5

pkcs8 is a format to store private keys. pkcs8 uses various pkcs5 version as subformat.

openssl pkcs8 --help
Usage pkcs8 [options]
where options are
-in file        input file
-inform X       input format (DER or PEM)
-passin arg     input file pass phrase source
-outform X      output format (DER or PEM)
-out file       output file
-passout arg    output file pass phrase source
-topk8          output PKCS8 file
-nooct          use (nonstandard) no octet format
-embed          use (nonstandard) embedded DSA parameters format
-nsdb           use (nonstandard) DSA Netscape DB format
-noiter         use 1 as iteration count
-nocrypt        use or expect unencrypted private key
-v2 alg         use PKCS#5 v2.0 and cipher "alg"
-v1 obj         use PKCS#5 v1.5 and cipher "alg"
 -engine e       use engine e, possibly a hardware device.

Diagnostics

SSL/TLS session information

openssl sess_id --help
unknown option --help
usage: sess_id args

 -inform arg     - input format - default PEM (DER or PEM)
 -outform arg    - output format - default PEM
 -in arg         - input file - default stdin
 -out arg        - output file - default stdout
 -text           - print ssl session id details
 -cert           - output certificate 
 -noout          - no CRL output
 -context arg    - set the session ID context

Further reading

  • Paul Heinlein. "OpenSSL Command-Line HOWTO". Has many quick cookbook-style recipes for doing common tasks using the "oppenssl" command-line application.