Create new private key:
openssl genrsa -out myServer.key 2048
Create self-signed certificate, good for 10 years:
openssl req -x509 -key myServer.key -out myServer.crt -days 3652
Create new Certificate Signing Request:
openssl req -new -key myServer.key -out myServer.csr
Create a PKCS12 bundle file from cert/key
openssl pkcs12 -export -out myFile.p12 -inkey myServer.key -in MyServer.crt
Convert a key from PEM to RSA format
openssl rsa -in myServer.key -out myServer-rsa.key
Check if a cert matches a key:
openssl x509 -noout -modulus -in myServer.crt | openssl md5 ;\ openssl rsa -noout -modulus -in myServer.key | openssl md5
Perform a simulate SSL handshake to a website:
openssl s_client -connect www.mysite.com:443