Here’s the command this article is talking about:
openssl x509 -in proxy.cer -inform der -outform pem -out proxy.crt
This command basically converts a binary certificate into a base64-encoded one (i.e. text).
openssl command is the Swiss Army knife of encryption tools.
It can encrypt/decrypt files as well as manage certificates that are
used for secure connections on the Internet.
This command that I’ve posted does one thing - it converts a certificate from its binary form into a text form (base64-encoding).
Prior to posting this, I’ve done my research and have encountered this command before. The problem is the pages that I’ve read does not state it as simply.
Pages that I’ve read simply say that the above command changes the DER format of the certificate into the PEM format without going into details what the PEM format is. After some trial-and-error, I realised that in very layman terms, the PEM format is a text representation of the certificate.
Other commands that might be useful
openssl x509 -in file.cer -inform der -text -noout
Presents the information (
-text) in the certificate (
is the file (
-in file.cer) which is in a binary format (
der). Omit the certificate from the output (
-noout) - this option
is not required.
openssl dgst -md5 file
Creates a MD5 (
-md5) checksum (
dgst) of a file (
openssl enc -aes-256-cbc -a -nosalt -in infile.jpg -out outfile.jpg.enc
This command encrypts (
enc) a file (
-in infile.jpg) using the
AES 256-bit cipher block chaining cipher (
-aes-256-cbc) with no
-nosalt) into a base-64 format (
-a) and saves the output
as a file (
-a switch to keep it in binary format which is almost
always smaller than the equivalent binary format.)
openssl enc -d -aes-256-cbc -a -in outfile.jpg.enc -out newfile.jpg
This is the reverse operation: decrypts (
enc -d) a file (
outfile.jpg.enc) using the same cipher (
-aes-256-cbc) from a base-64
-a) and saves the output into a file (
For a list of ciphers: