Read the contents of a cert:
openssl x509 -text -in [cert file]
Generate 2048 bit key and CSR:
openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout privateKey.key
Creating a self-signed cert with one command
openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -keyout www.example.com.pem -out www.example.com.pem
Verify key and cert match:
(openssl x509 -noout -modulus -in server.pem | openssl md5 ;\
openssl rsa -noout -modulus -in server.key | openssl md5) | uniq
openssl rsa -noout -modulus -in server.key | openssl md5) | uniq
More as I find them…
