4.7. Using OpenSSL
OpenSSL is a library that provides cryptographic protocols to applications. The openssl command line utility enables using the cryptographic functions from the shell. It includes an interactive mode.
The openssl command line utility has a number of pseudo-commands to provide information on the commands that the version of openssl installed on the system supports. The pseudo-commands list-cipher-commands output a list of all standard commands, message digest commands, or cipher commands, respectively, that are available in the present openssl utility. list-message-digest-algorithms list all cipher and message digest names. The pseudo-command list-public-key-algorithms lists all supported public key algorithms. For example, to list the supported public key algorithms, issue the following command:
The pseudo-command no-command-name tests whether a command-name of the specified name is available. Intended for use in shell scripts. See man openssl(1) for more information.
4.7.1. Creating and Managing Encryption Keys
With OpenSSL, public keys are derived from the corresponding private key. Therefore the first step, once having decided on the algorithm, is to generate the private key. In these examples the private key is referred to as privkey.pem. For example, to create an RSA private key using default parameters, issue the following command:
The RSA algorithm supports the following options:
rsa_keygen_bits:numbits — The number of bits in the generated key. If not specified
rsa_keygen_pubexp:value — The RSA public exponent value. This can be a large decimal value, or a hexadecimal value if preceded by 0x. The default value is
For example, to create a 2048 bit RSA private key using 3 as the public exponent, issue the following command:
To encrypt the private key as it is output using 128 bit AES and the passphrase “hello”, issue the following command:
See man genpkey(1) for more information on generating private keys.
4.7.2. Generating Certificates
To generate a certificate using OpenSSL, it is necessary to have a private key available. In these examples the private key is referred to as privkey.pem. If you have not yet generated a private key, see Section 4.7.1, “Creating and Managing Encryption Keys”.
To have a certificate signed by a certificate authority (CA), it is necessary to generate a certificate and then send it to a CA for signing. This is referred to as a certificate signing request. See Section 4.7.2.1, “Creating a Certificate Signing Request” for more information. The alternative is to create a self-signed certificate. See Section 4.7.2.2, “Creating a Self-signed Certificate” for more information.
4.7.2.1. Creating a Certificate Signing Request
To create a certificate for submission to a CA, issue a command in the following format:
This will create an X.509 certificate called cert.csr encoded in the default privacy-enhanced electronic mail (PEM) format. The name PEM is derived from “Privacy Enhancement for Internet Electronic Mail” described in RFC 1424. To generate a certificate file in the alternative DER format, use the
After issuing the above command, you will be prompted for information about you and the organization in order to create a distinguished name (DN) for the certificate. You will need the following information:
- The two letter country code for your country
- The full name of your state or province
- City or Town
- The name of your organization
- The name of the unit within your organization
- Your name or the host name of the system
- Your email address
The req(1) man page describes the PKCS #10 certificate request and generating utility. Default settings used in the certificate creating process are contained within the /etc/pki/tls/openssl.cnf file. See man openssl.cnf(5) for more information.
4.7.2.2. Creating a Self-signed Certificate
To generate a self-signed certificate, valid for 366 days, issue a command in the following format:
4.7.2.3. Creating a Certificate Using a Makefile
The /etc/pki/tls/certs/ directory contains a Makefile which can be used to create certificates using the make command. To view the usage instructions, issue a command as follows:
~]$ make -f /etc/pki/tls/certs/Makefile
Alternatively, change to the directory and issue the make command as follows:
See the make(1) man page for more information.
4.7.3. Verifying Certificates
A certificate signed by a CA is referred to as a trusted certificate. A self-signed certificate is therefore an untrusted certificate. The verify utility uses the same SSL and S/MIME functions to verify a certificate as are used by OpenSSL in normal operation. If an error is found, it is reported and then an attempt is made to continue testing in order to report any other errors.
To verify multiple individual X.509 certificates in PEM format, issue a command in the following format:
openssl verify cert1.pem cert2.pem
To verify a certificate chain, the leaf certificate must be in cert.pem and the intermediate certificates which you do not trust must be directly concatenated in untrusted.pem. The trusted root CA certificate must be either among the default CA listed in /etc/pki/tls/certs/ca-bundle.crt or in a cacert.pem file. Then, to verify the chain, issue a command in the following format:
See man verify(1) for more information.
Verification of signatures using the MD5 hash algorithm is disabled in Red Hat Enterprise Linux 7 due to insufficient strength of this algorithm. Always use strong algorithms such as SHA256.
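The chain verification described in this section can be tried end to end with the following added example, which is not part of the original guide. It builds a constructed root, intermediate and leaf (all subject names, serial numbers and the demo.cnf file are assumptions made for the demo, and it uses SHA256 as advised above), then verifies the leaf with and without the intermediate in untrusted.pem.

```shell
#!/bin/sh
# Added example: every subject name, file and serial is constructed for the demo.
new_csr() {   # $1 = dir, $2 = basename, $3 = subject
    openssl req -new -newkey rsa:2048 -nodes -config "$1/demo.cnf" -subj "$3" \
        -keyout "$1/$2.key" -out "$1/$2.csr" 2>/dev/null
}

build_chain() {   # $1 = empty working directory
    d=$1
    cat > "$d/demo.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[v3_ca]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
EOF
    # Root CA: self-signed, written to cacert.pem, the only trusted certificate.
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 30 \
        -config "$d/demo.cnf" -extensions v3_ca -subj "/CN=Demo Root CA" \
        -keyout "$d/root.key" -out "$d/cacert.pem" 2>/dev/null || return 1
    # Intermediate CA: signed by the root, written to untrusted.pem.
    new_csr "$d" int "/CN=Demo Intermediate CA" || return 1
    openssl x509 -req -in "$d/int.csr" -CA "$d/cacert.pem" -CAkey "$d/root.key" \
        -set_serial 2 -sha256 -days 30 -extfile "$d/demo.cnf" -extensions v3_ca \
        -out "$d/untrusted.pem" 2>/dev/null || return 1
    # Leaf: signed by the intermediate, written to cert.pem.
    new_csr "$d" leaf "/CN=leaf.example.test" || return 1
    openssl x509 -req -in "$d/leaf.csr" -CA "$d/untrusted.pem" -CAkey "$d/int.key" \
        -set_serial 3 -sha256 -days 30 -out "$d/cert.pem" 2>/dev/null
}

# Root from -CAfile, intermediate from -untrusted, leaf as the last argument.
verify_full_chain() {
    openssl verify -CAfile "$1/cacert.pem" -untrusted "$1/untrusted.pem" "$1/cert.pem"
}

# Same leaf without the intermediate: no path to the root can be built.
verify_missing_intermediate() {
    openssl verify -CAfile "$1/cacert.pem" "$1/cert.pem"
}

demo_dir=$(mktemp -d)
build_chain "$demo_dir" || exit 1
verify_full_chain "$demo_dir" && echo "full chain: verified"
verify_missing_intermediate "$demo_dir" >/dev/null 2>&1 || echo "no intermediate: rejected"
rm -rf "$demo_dir"
```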
4.7.4. Encrypting and Decrypting a File
For encrypting (and decrypting) files with OpenSSL, either the pkeyutl or enc built-in commands can be used. With pkeyutl, RSA keys are used to perform the encrypting and decrypting, whereas with enc, symmetric algorithms are used.
Using RSA Keys
To encrypt a file called plaintext, issue a command as follows:
The default format for keys and certificates is PEM. If required, use the -keyform DER option to specify the DER key format.
To specify a cryptographic engine, use the -engine option as follows:
-inkey privkey.pem -engine id
Where id is the ID of the cryptographic engine. To check the availability of an engine, issue the following command:
To sign a data file called plaintext, issue a command as follows:
To verify a signed data file and to extract the data, issue a command as follows:
To verify the signature, for example using a DSA key, issue a command as follows:
-in file -sigfile sig
The pkeyutl(1) manual page describes the public key algorithm utility.
Using Symmetric Algorithms
To list available symmetric encryption algorithms, execute the enc command with an unsupported option, such as:
openssl enc -l
To specify an algorithm, use its name as an option. For example, to use the aes-128-cbc algorithm, use the following syntax:
openssl enc -aes-128-cbc
To encrypt a file called plaintext using the aes-128-cbc algorithm, enter the following command:
openssl enc -aes-128-cbc -in plaintext -out plaintext.aes-128-cbc
To decrypt the file obtained in the previous example, use the -d option as in the following example:
openssl enc -aes-128-cbc -d -in plaintext.aes-128-cbc -out plaintext
The enc command does not properly support AEAD ciphers, and the ecb mode is not considered secure. For best results, do not use other modes than
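The reason behind the ecb warning can be observed directly. This added example, which is not part of the original guide, encrypts a constructed file of 64 identical 16-byte blocks and counts the distinct ciphertext blocks produced by aes-128-ecb and aes-128-cbc; the fixed key and IV are demo values chosen only to make the result reproducible.

```shell
#!/bin/sh
# Added example. Key, IV and plaintext are constructed demo values; a fixed
# key and IV are used only for reproducibility, never for real data.
DEMO_KEY=000102030405060708090a0b0c0d0e0f
DEMO_IV=0f0e0d0c0b0a09080706050403020100

# 64 identical 16-byte blocks: the worst case for a mode that leaks structure.
make_plaintext() {
    dd if=/dev/zero bs=16 count=64 2>/dev/null | tr '\000' 'A' > "$1"
}

# Encrypt file $2 with cipher $1 and print how many distinct 16-byte
# ciphertext blocks result (od prints 16 bytes per line; -v keeps repeats).
distinct_blocks() {
    case $1 in
        *-ecb) iv_opt="" ;;                  # ECB takes no IV
        *)     iv_opt="-iv $DEMO_IV" ;;
    esac
    openssl enc "-$1" -K "$DEMO_KEY" $iv_opt -in "$2" |
        od -An -v -tx1 | sort -u | wc -l | tr -d ' '
}

# Encrypt, then decrypt with -d, and compare the result with the original.
round_trip_ok() {
    openssl enc "-$1" -K "$DEMO_KEY" -iv "$DEMO_IV" -in "$2" -out "$2.enc" &&
    openssl enc "-$1" -d -K "$DEMO_KEY" -iv "$DEMO_IV" -in "$2.enc" | cmp -s - "$2"
}

pt=$(mktemp)
make_plaintext "$pt"
# The ciphertext is 65 blocks long: 64 data blocks plus one padding block.
echo "aes-128-ecb distinct blocks: $(distinct_blocks aes-128-ecb "$pt") of 65"
echo "aes-128-cbc distinct blocks: $(distinct_blocks aes-128-cbc "$pt") of 65"
round_trip_ok aes-128-cbc "$pt" && echo "aes-128-cbc round trip: ok"
rm -f "$pt" "$pt.enc"
```

With ecb, every repeated plaintext block maps to the same ciphertext block, so the structure of the input remains visible in the output; with cbc all 65 blocks differ.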
4.7.5. Generating Message Digests
The dgst command produces the message digest of a supplied file or files in hexadecimal form. The command can also be used for digital signing and verification. The message digest command takes the following form:
openssl dgst algorithm
Where algorithm is one of md5|md4|md2|sha1|sha|mdc2|ripemd160|dss1. At time of writing, the SHA1 algorithm is preferred. If you need to sign or verify using DSA, then the dss1 option must be used together with a file containing random data specified by the
To produce a message digest in the default Hex format using the sha1 algorithm, issue the following command:
openssl dgst sha1
To digitally sign the digest, using a private key privkey.pem, issue the following command:
openssl dgst sha1
See man dgst(1) for more information.
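The following added example, which is not part of the original guide, ties together the passphrase-protected private key from Section 4.7.1 and the signing use of dgst described in this section. It assumes SHA256 as the digest (per the advice in Section 4.7.3), a hypothetical KEYPASS environment variable as the passphrase source, and constructed file names and data; it signs a file, verifies it, and shows that a modified file and a wrong passphrase are both rejected.

```shell
#!/bin/sh
# Added example. File names, sample data and the KEYPASS variable are
# constructed for the demo; "hello" is the passphrase used in Section 4.7.1.

# Create an AES-128 encrypted RSA private key and derive its public key.
# The passphrase is read from the environment so it does not appear in argv.
make_keys() {   # $1 = working directory, $2 = passphrase
    KEYPASS=$2 openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
        -aes-128-cbc -pass env:KEYPASS -out "$1/privkey.pem" 2>/dev/null || return 1
    KEYPASS=$2 openssl pkey -in "$1/privkey.pem" -passin env:KEYPASS \
        -pubout -out "$1/pubkey.pem"
}

# Sign the SHA256 digest of file $2; the signature is written to $2.sig.
sign_file() {   # $1 = working directory, $2 = file, $3 = passphrase
    KEYPASS=$3 openssl dgst -sha256 -sign "$1/privkey.pem" -passin env:KEYPASS \
        -out "$2.sig" "$2"
}

# Verify $2 against $2.sig using only the public key; status 0 means valid.
verify_file() {   # $1 = working directory, $2 = file
    openssl dgst -sha256 -verify "$1/pubkey.pem" -signature "$2.sig" "$2" \
        >/dev/null 2>&1
}

work=$(mktemp -d)
make_keys "$work" hello || exit 1
printf 'constructed sample data\n' > "$work/plaintext"
sign_file "$work" "$work/plaintext" hello
verify_file "$work" "$work/plaintext" && echo "original file: signature valid"
printf 'appended after signing\n' >> "$work/plaintext"
verify_file "$work" "$work/plaintext" || echo "modified file: signature rejected"
sign_file "$work" "$work/plaintext" wrong 2>/dev/null || echo "wrong passphrase: key not loaded"
rm -rf "$work"
```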
4.7.6. Generating Password Hashes
The passwd command computes the hash of a password. To compute the hash of a password on the command line, issue a command as follows:
openssl passwd password
The -crypt algorithm is used by default.
To compute the hash of a password from standard input, using the MD5 based BSD algorithm 1, issue a command as follows:
openssl passwd -
The -apr1 option specifies the Apache variant of the BSD algorithm.
Use the openssl passwd -1 password command only with FIPS mode disabled. Otherwise, the command does not work.
To compute the hash of a password stored in a file, and using a salt xx, issue a command as follows:
The password is sent to standard output and there is no -out option to specify an output file. The -table will generate a table of password hashes with their corresponding clear text password.
See man sslpasswd(1) for more information and examples.
4.7.7. Generating Random Data
To generate a file containing random data, using a seed file, issue the following command:
Multiple files for seeding the random data process can be specified using the colon, :, as a list separator.
See man rand(1) for more information.
4.7.8. Benchmarking Your System
To test the computational speed of a system for a given algorithm, issue a command in the following format:
openssl speed algorithm
where algorithm is one of the supported algorithms you intend to use. To list the available algorithms, type openssl speed and then press tab.
4.7.9. Configuring OpenSSL
OpenSSL has a configuration file /etc/pki/tls/openssl.cnf, referred to as the master configuration file, which is read by the OpenSSL library. It is also possible to have individual configuration files for each application. The configuration file contains a number of sections with section names as follows: [ section_name ]. Note the first part of the file, up until the first [ section_name ], is referred to as the default section. When OpenSSL is searching for names in the configuration file the named sections are searched first. All OpenSSL commands use the master OpenSSL configuration file unless an option is used in the command to specify an alternative configuration file. The configuration file is explained in detail in the
Two RFCs explain the contents of a certificate file. They are: