2 Setting Up TLS/SSL With OpenSSL
This chapter describes the OpenSSL tools that are available in Oracle Linux and how to use them to create Certificate Signing Requests (CSRs), self-signed certificates, and privately owned CA certificates. Also covered in this chapter are instructions on how to use the OpenSSL tools to validate and test certificates that are configured for a protocol to confirm that services are configured correctly.
Features of the Openssl Command
With the openssl command, which is included in the
openssl package, you can perform a wide range of cryptography functions
from the OpenSSL library, including the following:
-
Create and managing pairs of private and public keys.
-
Perform public key cryptographic operations.
-
Create self-signed certificates.
-
Create certificate signing requests (CSRs).
-
Create certificate revocation lists (CRLs).
-
Convert certificate files between various formats.
-
Calculate message digests.
-
Encrypt and decrypt files.
-
Test client-side and server-side TLS/SSL with HTTP and SMTP servers.
-
Verify, encrypt, and sign S/MIME email.
-
Generate and test prime numbers and generate pseudo random data.