====== OpenSSL ======
^ Command ^ Effect ^
^ Certificate creation ^
| ''openssl req -newkey rsa:2048 -nodes -keyout mycert.key -x509 -days 365 -out mycert.pem'' | Create self-signed certificate |
| ''openssl req -new -newkey rsa:2048 -nodes -keyout mycert.key -out mycert.csr'' | Create certificate signing request (CSR) |
| ''openssl x509 -req -days 1825 -in mycert.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out mycert.crt'' | Use CSR to create a certificate against the CA |
| ''openssl dhparam -out dhparam-2048.pem 2048 '' | Generate Diffie-Hellman (DH) parameters |
^ Conversion & Combination ^
| ''openssl pkcs12 -export -out mycert.pfx -inkey mycert.key -in mycert.crt -certfile ca.crt'' | combine key, CA and client certificate to PKCS12 bundle |
^ Random Number Generation ^
| ''openssl rand -hex 32'' | Generate random 32-Byte hex value |