Openssl

here is a list of often needed openssl commands to work with ssl keys:

• Create new private key + CSR:

openssl req -new -newkey rsa:2048 -nodes 
  -keyout common_name.key -out common_name.csr

• Create CSR from existing private key:

openssl req -new -key common_name.key -out common_name.csr

• Check CSR:

openssl req -text -noout -verify -in common_name.csr

• Check private key:

openssl rsa -in common_name.key -check

• Check certificate:

openssl x509 -in common_name.crt -text -noout

• Remove password from key:

openssl rsa -in common_name.key.bak -out common_name.key

• Self-sign a CSR

openssl x509 -req -days 365 -in common_name.csr 
  -signkey common_name.key -out common_name.crt

• Check host certificate:

openssl s_client -connect HOST:PORT