Home
Search results “Openssl genrsa public key cryptography”
RSA Key Generation, Signatures and Encryption using OpenSSL
 
25:28
Demonstration of using OpenSSL to create RSA public/private key pair, sign and encrypt messages using those keys and then decrypt and verify the received messages. Commands used: openssl. Created by Steven Gordon on 7 March 2012 at Sirindhorn International Institute of Technology, Thammasat University, Thailand.
Views: 58612 Steven Gordon
Public Key Cryptography - RSA using OpenSSL
 
02:06
Demo of RSA using OpenSSL toolkit in linux.
Blockchain/Bitcoin for beginners 3: public/private keys, signatures... and first ever transaction
 
36:25
Detailed overview of public/private key encryption and live demo of exactly how digital signatures work on Mac, combining public and private keys and hash functions. Welcome to episode 3 of my series on Blockchain/Bitcoin. I'm joined once again by my girlfriend Nadisha who is my classroom pupil... I build on the hash function concepts from the previous episode and explain the basic concepts public and private keys and how to use them to create digital signatures - a key part of the bitcoin infrastructure. We demonstrate in a Mac terminal how you can generate your own keys and encrypt and decrypt and sign your own resources - learning by doing always works. We touch on bitcoin addresses, what they represent and how they are created. Finally I go back for a refresh of the bitcoin blockchain browser and look at the first ever bitcoin transaction in the "Genesis Block" to show what a real bitcoin address looks like. Bitcoin Blockchain browser https://blockchain.info Online hash calculator - great way to practice and familiarise with hash functions - one of the most important building blocks of Blockchain/Bitcoin http://www.fileformat.info/tool/hash.htm Course to date (previous videos) 1. Blockchain introduction https://youtu.be/xwA2TkcAQgQ 2. Hashing, blockchain networks and look at blockchain browser https://youtu.be/oxwMnqFNq9M SAMPLE COMMANDS: You will need to use your own document - pick any document, obviously your hash values will be different to mine. Also I had to use (right arrow) - since comments do not allow "chevron" symbols # EXAMPLE 1: # generate public and private keys openssl genrsa -out mykey 2048; cp mykey privatekey; openssl rsa -in mykey -pubout -out publickey; rm mike #encrypt with public key echo “the cat sat on the mat” | openssl rsautl -encrypt -pubin -inkey publicly (right arrow) cipher.txt # show the garbage cat cipher.txt # decrypt with private key - The cat sat on the mat cat cipher.txt | openssl rsautl -decrypt -inkey privately # EXAMPLE 2: Sign Alice in wonderland #check the SHA256 hash of the document to send - d9db7b8984d808b2821070cc6cc76e4415229d3356452b2a0f06ec3608f13b6c shasum -a 256 alice-in-wonderland.txt | cut -d" " -f1 # create a text file called signature which hashes the document and encrypts with private key shasum -a 256 alice-in-wonderland.txt | cut -d" " -f1 | openssl rsautl -inkey privatekey -sign (right arrow) signature # wrap the signature up with the public key, the document and the signature and send it … we just copy to another folder tar -cvf alice.tar signature alice-in-wonderland.txt publickey;mkdir -p inbox;cp alice.tar inbox;cd inbox;tar -xvf alice.tar # inspect the public key and verify with the sender that it belongs to the sender cat publickey #decrypt the signature with the received public key - d9db7b8984d808b2821070cc6cc76e4415229d3356452b2a0f06ec3608f13b6c openssl rsautl -inkey publickey -pubin -in signature # hash the received document - d9db7b8984d808b2821070cc6cc76e4415229d3356452b2a0f06ec3608f13b6c shasum -a 256 alice-in-wonderland.txt | cut -d" " -f1 # if they are both the same then the document cannot have been changed since it was signed by the genuine owner of the # private key corresponding to the public key
Views: 18482 Matt Thomas
Create private key with openssl
 
00:33
Create a 2048 bit private key with openssl. openssl genrsa -out private.key 2048
Views: 193 Querblick IT
Install OpenSSL on Windows XP and generate Encryption Keys
 
03:23
This gives an overview of loading OpenSSL and generating keys used for encryption. This is the keygen.cmd file text: Echo Confirm creation of P12 key named %1 pause set OPENSSL_CONF=C:\OpenSSL-Win64\bin\openssl.cfg c: cd\OpenSSL-Win64\bin Call openssl genrsa -des3 -out %1.key 2048 Call openssl req -new -key %1.key -out %1.csr call openssl req -new -nodes -keyout %1.key -out %1.csr -newkey rsa:2048 call openssl x509 -req -days 365 -in %1.csr -signkey %1.key -out %1.crt call openssl pkcs12 -export -in %1.crt -inkey %1.key -out %1.p12 -name “%1_Key" Echo Take note of where you saved the CC1.p12 file pause
Views: 11037 Paul Danis
openssl rsa rsautl genrsa
 
01:39
Encryption and decryption using openssl rsa
Views: 152 Electronic Elves
OpenSSL Tutorials #4: RSA key Creation and Encryption/Decryption
 
06:12
This show how to cipher a plain text and how to decipher the crypted text
Views: 6057 Openssl
Create self signed certificates with Subject Alternative Names
 
09:55
This video explains how to create a self signed certificate with Subject Alternative Names (SAN). A certificate with Subject Alternative Names is a single certificate supporting multiple Common Names (CN), for example: - mobilefish.com - sand.mobilefish.com - baidu.com - china.com This means this single certificate can be used in multiple URLs: - https://mobilefish.com - https://sand.mobilefish.com - https://baidu.com - https://china.com Chrome browsers will issue a warning if your SSL certificate does not specify Subject Alternative Names. This video assumes that you have installed OpenSSL. More information how to install and use OpenSSL:https://www.openssl.org To check if your system has OpenSSL installed, type: openssl version -a The procedure to create self signed certificates with Subject Alternative names is also documented at: https://www.mobilefish.com/developer/apache/apache_quickguide_install_macos_sierra.html Warning: Never use self signed certificates in production environments. It is okay to use it in development or testing environments. 1. Create a 2048 bit Certificate Authority (CA) private key: sudo openssl genrsa -out privkey.pem 2048 The CA private key is created: privkey.pem 2. Create a self signed CA certificate: sudo openssl req -new -x509 -days 3650 -nodes -key privkey.pem -sha256 -out ca.pem 3. Create a 2048 bit Certificate Authority (CA) certificate: Country Name (2 letter code) [AU]:NL State or Province Name (full name) [Some-State]:Noord-Holland Locality Name (eg, city) []:Zaandam Organization Name (eg, company) [Internet Widgits Pty Ltd]:Mobilefish.com CA The CA certificate is created: ca.pem 4. Create a server configuration file (server.csr.cnf). Example: https://www.mobilefish.com/download/openssl/sand.mobilefish.csr.cnf.txt Download and modify the server configuration file according to your situation. [dn] C=NL ST=Zaandam L=Noord-Holland O=End Point OU=Research and development [email protected] CN = sand.mobilefish.com 5. Create a server Certificate Signing Request (CSR) and server private key. sudo openssl req -new -nodes -out server.csr -keyout server.key -config server.csr.cnf The server CSR is created: server.csr The server private key is created: server.key 6. Create a server extension file (server_v3.ext). Example: https://www.mobilefish.com/download/openssl/sand.mobilefish_v3.ext.txt Modify the server extension file according to your situation. Add Subject Alternative Names: [alt_names] DNS.1 = sand.mobilefish.com DNS.2 = proxy.mobilefish.com In the sever configuration file (server.csr.cnf) I have used “CN = sand.mobilefish.com". This common name must be mentioned as one of the Subject Alternative Names. 7. Create the server certificate: sudo openssl x509 -req -in server.csr -CA ca.pem -CAkey privkey.pem -CAcreateserial -out server.crt -days 3650 -extfile server_v3.ext  The server certificate is created: server.crt The serial number file is created: ca.srl Each issued certificate must contain a unique serial number assigned by the CA. It must be unique for each certificate given by a given CA. OpenSSL keeps the used serial numbers on a file. The server certificate (server.crt) and server private key (server.key) are the two files you need to install on your server (Apache web server, proxy server). Always keep the private keys secure: - CA private key (privkey.pem) - Server private key (server.key) Recap We have created our own Certificate Authority (root certificate). But this CA is not trusted by our system. Next our CA has created a certificate with SAN. Trusted CA’s such as Comodo and GoDaddy are trusted because their root certificates are already imported in our system. In YouTube video “Geth supporting SSL using reverse proxy server” I will be using this self signed certificate to setup a reverse proxy server accessible by: https://proxy.mobilefish.com. Check out all my other Ethereum related tutorial videos: https://goo.gl/eNJVXe Subscribe to my YouTube channel: https://goo.gl/61NFzK The presentation used in this video tutorial can be found at: http://www.mobilefish.com/developer/blockchain/blockchain_quickguide_ethereum_related_tutorials.html #mobilefish #howto #ethereum
Views: 5086 Mobilefish.com
Generating CSR In Apache With OpenSSL
 
06:34
https://www.ssl.com/certificates/ How to install an SSL certificate using cPanel's Paper Lantern theme. https://info.ssl.com/
Views: 9379 SSL Corp
OpenSSL Tutorials #3: RSA key Creation and Digital Signature
 
06:47
This video show how create RSA key pair and how to sign and verify a text.
Views: 2929 Openssl
public key and private key generation and file security lab
 
16:48
Learn what is private key and publick key How to generate private key how to generate public key How to lock file using public key how to unlock file using private key. Key based security lab with Live Recording. This Cryptography Lab video is made during my cyber security Online classroom training #publickey #privatekey #security If you like My videos don't forget to like My Facebook Page: https://www.facebook.com/LinuxTiwary/ My BLOG: https://linuxtiwary.com/ http://slashroot.in My Linkedin Profile: https://www.linkedin.com/in/linuxtiwary/ My GOOGLE+ Profile: https://plus.google.com/b/104700807462506795891/118284586076026493744
Views: 54 slashrootdotin
How to generate key and cert using openSSL
 
04:29
This video describe how to generate an RSA private key and certification x509 to be used in Wakansa, to secure communication
Views: 41724 saad Mousliki
Генерация Private Key и CSR с помощью терминала
 
01:08
Генерация Private Key и CSR с помощью терминала: 1. Откройте терминал 2. Сгенерируйте приватный ключ при помощи команды: openssl genrsa -out private.key 2048 3. Сгенерируйте CSR при помощи команды: openssl req -new -key private.key -out your_domain.csr -sha256 4. Введите необходимые данные в латинской раскладке. Country Name (2 letter code), State or Province Name (full name) [Some-State], Locality Name (eg, city) [],Organization Name (eg, company) [Internet Widgits Pty Ltd], Common Name (e.g. server FQDN or YOUR name) [], Email Address [] 5. Файлы private.key и your_domain.csr сохранены в вашей папке пользователя 6. ВАЖНО: Сохраните в надежном месте файлы private.key и your_domain.csr. Повтор команды генерации не сделает точно такого же ключа — это будет другой ключ, и нужно будет снова генерировать для него CSR и перевыпускать сертификат https://fozzy.com/ — БЫСТРЕЕ БЫСТРОГО! 😎👍🏻 🔸 Виртуальный хостинг от 120 рублей в месяц. 🔸 Доменные имена от 80 рублей в год. 🔸 Linux VPS & Windows VPS от 299 рублей в месяц. 🔸 SSL сертификаты от 450 рублей в год.
Views: 1493 Fozzy Inc
Generating SSL certificate chain in Linux
 
33:15
This is a video guide on how to generate a root CA, intermediate CA and certificate signed by those, under Linux. ## FOR BETTER QUALITY!!! Increase the to HD using the gear HD. I will have a mirror and torrent available soon. https://www.lazytree.us/doku.php?id=blog:new_video ^ Blog entry about the video, or the direct content below https://www.lazytree.us/doku.php?id=public:linux:common#openssl I plan on restructuring the blog so please don't rely on the direct link ===== Task: ===== Generate a certificate chain with a private Certificate Authority. ===== Condition: ===== Given one Linux machine with root access (for trust), with openssl, potentially apache/nginx ===== Standard: ===== Have the certificate be trusted by the machine. ==== Steps: ==== 1. Generate Root key 2. Generate Root certificate 3. Generate Intermediate Certificate Authority key 4. Create Intermediate Certificate Signing Request (CSR) 5. Generate Intermediate Certificate signed by Root CA 6. Add certificates to Operating system's trust (Debian/deb-ish) 7. Generate RSA server key 8. Create server certificate signing request, to be signed by intermediate 9. Sign CSR, by intermediate CA 10. Verify everything 11. Webserver 12. verify again! ==== commands ==== openssl genrsa -out RootCA.key 4096 openssl req -new -x509 -days 1826 -key RootCA.key -out RootCA.crt echo 'Root Certificate done, now intermediate begins' openssl genrsa -out IntermediateCA.key 4096 openssl req -new -key IntermediateCA.key -out IntermediateCA.csr openssl x509 -req -days 1000 -in IntermediateCA.csr -CA RootCA.crt -CAkey RootCA.key -CAcreateserial -out IntermediateCA.crt echo 'intermediate done, now on to importing cert into the OS trust' cp *.crt /usr/local/share/ca-certificates/ update-ca-certificates echo 'now for the server specific material' openssl genrsa -out server.key 2048 OPENSSL_CONF=~/openssl.conf openssl req -new -key server.key -out server.csr openssl x509 -req -in server.csr -CA IntermediateCA.crt -CAkey IntermediateCA.key -set_serial 01 -out server.crt -days 500 -sha1 echo 'verification of sort here' openssl x509 -in server.crt -noout -text |grep 'host.localism' #optional, not going over. #echo 'for the sake of windows clients, we created a pkcs file, but lets create usable PEMs' #openssl pkcs12 -export -out IntermediateCA.pkcs -inkey ia.key -in IntermediateCA.crt -chain -CAfile ca.crt #openssl pkcs12 -in path.p12 -out newfile.crt.pem -clcerts -nokeys #openssl pkcs12 -in path.p12 -out newfile.key.pem -nocerts -nodes openssl s_client -connect 192.168.0.17:443 contents OPENSSL.conf [req] prompt = no default_md = sha1 #for video use only, sha256 onwards req_extensions = req_ext distinguished_name = dn [ dn ] C=US ST=North Carolina O=LazyTree localityName=Redacted OU=HomeLab [email protected] CN=www.lazytree.us
Views: 7940 Kevin Faulkner
How to create a self signed certificate with openssl on ubuntu 17.04 zesty zapus
 
01:45
OpenSSL is a general purpose cryptography library that provides an open source implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. cd /etc/ssl/private openssl genrsa -aes128 -out server.key 2048 openssl rsa -in server.key -out server.key openssl req -new -days 3650 -key server.key -out server.csr openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 3650 chmod 400 server.*
Private Key and CSR generation using the Terminal
 
01:31
Private Key and CSR generation using the Terminal: 1. Open the Terminal 2. Generate a private key using following command: openssl genrsa -out private.key 2048 3. Generate CSR using following command: openssl req -new -key private.key -out your_domain.csr -sha256 4. Enter the required data using English keyboard: Country Name (2 letter code), State or Province Name (full name) [Some-State], Locality Name (eg, city) [],Organization Name (eg, company) [Internet Widgits Pty Ltd], Common Name (e.g. server FQDN or YOUR name) [], Email Address [] 5. Private Key and CSR were generated and saved in your user folder 6. IMPORTANT: Save the private.key and your_domain.csr in a safe place. Repeating the generation command will not do exactly the same key — it will be another key, and you will need to generate a CSR for it and reissue the certificate https://fozzy.com/ — THE FASTEST HOSTING! 😎👍🏻 🔸 Shared Hosting from $3.9 / month. 🔸 Domains from $0.82 / year. 🔸 Linux VPS & Windows VPS from $8.99 / month. 🔸 SSL certificates from $6.9 / year.
Views: 1121 Fozzy Inc
OpenSSL Tutorials #2: Creation and management of private and public key
 
08:40
This show how to generate rsa key pair and save it to file.
Views: 3128 Openssl
Pfsense: Decrypting SSL traffic with private key using wireshark - Part 8
 
13:19
If you like my videos then you may would like to subscribe also. :) Below openssl commands to see keys and certs in text format:- openssl rsa -in private.key -text openssl x509 -in rootCA.pem -text
Views: 5468 Ashok Dewan
openssl tutorial generate rsa,dsa  keys learn how to verify rsa,dsa keys
 
05:48
How to Generate RSA,DSA keys using OpenSSL
Views: 7511 Zariga Tongy
HAProxy unable to load SSL private key from PEM file
 
03:40
HAProxy unable to load SSL private key from PEM file http://fosshelp.blogspot.in/2016/11/how-to-create-pem-file-for-haproxy.html 1 Generate a unique private key KEY $sudo openssl genrsa -out mydomain.key 2048 Note: Content in this file start with -----BEGIN RSA PRIVATE KEY----- 2 Generating a Certificate Signing Request CSR $sudo openssl req -new -key mydomain.key -out mydomain.csr Note: Content in this file start with -----BEGIN CERTIFICATE REQUEST----- 3 Creating a Self-Signed Certificate CRT $openssl x509 -req -days 365 -in mydomain.csr -signkey mydomain.key -out mydomain.crt Note: Content in this file start with -----BEGIN CERTIFICATE----- 4 Append KEY and CRT to mydomain.pem $sudo bash -c 'cat mydomain.key mydomain.crt /etc/ssl/private/mydomain.pem' Note: This pem file contains 2 sections certificates, one start with -----BEGIN RSA PRIVATE KEY----- and another one start with -----BEGIN CERTIFICATE----- 5 Specify PEM in haproxy config $ sudo vim /etc/haproxy/haproxy.cfg listen haproxy bind 0.0.0.0:443 ssl crt /etc/ssl/private/mydomain.pem mode http option http-server-close option forwardfor reqadd X-Forwarded-Proto:\ https reqadd X-Forwarded-Port:\ 443 option forwardfor if-none balance roundrobin option abortonclose server 192.168.100.224 192.168.100.224:1443 check inter 10s rise 2 fall 3 ssl verify none 6 Restart haproxy $ sudo service haproxy restart
Views: 1911 ATOM
Cisco ASA version 9 How to generate encryption RSA keys
 
02:40
Author, teacher, and talk show host Robert McMillen shows you how to use the Cisco ASA version 9 generate RSA keys command
Views: 2467 Robert McMillen
cryptographie - 100% Technical
 
06:10
scripting avec PHP pour le cours de cryptographie cryptographie symétrique,cryptographie asymétrique, hybride, hash fichier, PKI, certificat x509 symetrique openssl version openssl list-standard-commands openssl list-cipher-commands /usr/local/lib/libmcrypt openssl ciphers -v Crypt text RAW Crypt text BASE64 Crypt text HEX openssl enc -base64 -e openssl enc -base64 -d asymetrique certificats X509 Generate Private key openssl genrsa -out key.pem 1024 openssl rsa -in key.pem -text -noout openssl enc -base64 -in key.pem Generate Public key openssl rsa -in key.pem -pubout -out Key_pub.pem Hash function md5sum tmp.txt sha1sum tmp.txt openssl dgst -md5 tmp.txt openssl dgst -sha1 tmp.txt SSL openssl smime -verify -in msg.txt openssl dgst -md5 -out message_hash.txt message.txt openssl rsautl -encrypt -in $file -inkey $key -pubin -out $outFile openssl enc -base64 -in $outFile openssl rsautl -decrypt -in $file -inkey $key -out $outFile openssl list-message-digest-commands openssl dgst -sha1 -out $outFile -sign $private_key message.txt openssl dgst -signature $signFile -verify $public_key $outFile openssl x509 -noout -in cert.pem -issuer -subject -dates openssl x509 -text -in certif.crt openssl req -text -in request.csr openssl x509 -noout -in cert.pem -issuer -subject -dates
Views: 1528 Rafik GUEHRIA
unable to load SSL certificate from PEM file
 
03:05
unable to load SSL certificate from PEM file http://fosshelp.blogspot.in/2016/11/how-to-create-pem-file-for-haproxy.html 1 Generate a unique private key KEY $sudo openssl genrsa -out mydomain.key 2048 Note: Content in this file start with -----BEGIN RSA PRIVATE KEY----- 2 Generating a Certificate Signing Request CSR $sudo openssl req -new -key mydomain.key -out mydomain.csr Note: Content in this file start with -----BEGIN CERTIFICATE REQUEST----- 3 Creating a Self-Signed Certificate CRT $openssl x509 -req -days 365 -in mydomain.csr -signkey mydomain.key -out mydomain.crt Note: Content in this file start with -----BEGIN CERTIFICATE----- 4 Append KEY and CRT to mydomain.pem $sudo bash -c 'cat mydomain.key mydomain.crt /etc/ssl/private/mydomain.pem' Note: This pem file contains 2 sections certificates, one start with -----BEGIN RSA PRIVATE KEY----- and another one start with -----BEGIN CERTIFICATE----- 5 Specify PEM in haproxy config $ sudo vim /etc/haproxy/haproxy.cfg listen haproxy bind 0.0.0.0:443 ssl crt /etc/ssl/private/mydomain.pem mode http option http-server-close option forwardfor reqadd X-Forwarded-Proto:\ https reqadd X-Forwarded-Port:\ 443 option forwardfor if-none balance roundrobin option abortonclose server 192.168.100.224 192.168.100.224:1443 check inter 10s rise 2 fall 3 ssl verify none 6 Restart haproxy $ sudo service haproxy restart
Views: 212 ATOM
Zertifikatautorität (CA) & Clientzertifikat erstellen
 
11:25
Eine Zertifikatsautorität (CA) mittels openSSL erstellen. Hierzu wird ein privater, 4096 Bit langer Schlüssel erzeugt, der durch eine AES-256 Verschlüsselung geschützt ist. Mit diesem wird ein X.509v3 Root-Zertifikat erstellt, das eine Gültigkeit von einem Jahr hat. Abschließend wird ein Clientzertifikat erstellt. Kommandokonsolenbefehle: openssl genrsa -aes256 -out ca-priv-key.pem 4096 openssl req -x509 -new -nodes -extensions v3_ca -key ca-priv.pem -days 365 -out ca-pub-key.pem -sha512 openssl genrsa -out client-key.pem 2048 openssl req -new -key client-key.pem -out client.csr -sha512 openssl x509 -req -in client.csr -CA ca-pub-key.pem -CAkey ca-priv-key.pem -CAcreateserial -out client-pub-key.pem -days 365 -sha512 Detaillierte Anleitung: https://thomas-leister.de/eine-eigene-openssl-ca-erstellen-und-zertifikate-ausstellen/
Views: 753 Marvin Bruns
OpenSSL install and cert creation
 
03:49
This video walks you thru the installation of OpenSSL and the creation of a Private and Public certs
Views: 95904 gsayer1234
nodejs ssl,tls configuration using openssl
 
02:00
The tls module uses OpenSSL to provide Transport Layer Security and/or Secure Socket Layer: encrypted stream communication. Use require('tls') to access this module. openssl genrsa -out mykey.pem 1024 openssl req -new -key mykey.pem -out mykey-csr.pem openssl x509 -req -in mykey-csr.pem -signkey mykey.pem -out my-cert.pem var tls = require('tls'); var fs = require('fs'); var options = { key : fs.readFileSync('mykey.pem'), cert: fs.readFileSync('my-cert.pem') } tls.createServer(options,function(s) { s.write("welcome!\n"); s.pipe(s); }).listen(8000);
Views: 4179 Zariga Tongy
#sslcertificate | Create Self Signed SSL Certificate on Redhat Server
 
07:40
Please subscribe my channel: https://www.youtube.com/channel/UCry2uNX0352LFVmpEORHPiA How to Create self signed ssl certificate? First you need to install httpd & mod_ssl package if you using Rehat OS, for other install open ssl package Command: yum install httpd mod_ssl -y systemctl start httpd systemctl enable httpd then you need to open firewall for http & https 1. Generate a private key with 2048 bit encryption as follows. openssl genrsa -out server01.key 2048 2. Then generate the certificate signing request (CSR) by using the following command openssl req -new -key server01.key -out server01.csr 3. Generate a self-signed certificate of X509 type which remains active for 365 days. openssl x509 -req -days 365 -in server01.csr -signkey server01.key –out server01.crt 4. After generating the certificates, copy the files to the necessary directory. cp server01.crt /etc/pki/tls/certs cp server01.key /etc/pki/tls/private/ cp server01.csr /etc/pki/tls/private
Views: 79 Linux with Anirban
ГОСТ в OpenSSL — 12 лет международного взаимодействия
 
29:49
http://0x1.tv/20170924E ГОСТ в OpenSSL — 12 лет международного взаимодействия (Дмитрий Белявский, OSSDEVCONF-2017) * Дмитрий Белявский ------------- Начиная с 2005 года мои коллеги и я занимаемся внедрением поддержки российской специфики в OpenSSL. Российская специфика не сводится к криптографии, хотя начиналось всё именно с неё. Не меньшее значение имеет и корректный вывод русских букв, и поддержка расширений X.509-сертификатов, и многое другое. На первом этапе работа сводилась прежде всего к выделению структур, предназначенных реализовать более-менее любой алгоритм электронной подписи в OpenSSL. Этот этап был закончен к выходу версии 1.0, когда эти структуры были специфицированы, и в состав проекта OpenSSL вошла реализация алгоритмов шифрования, хеширования и электронной подписи по … держки ГОСТ в TLS, PKCS12, PKCS8 и кое-где по мелочи входит в апстрим. Реализация алгоритмов живёт о
Views: 50 Stas Fomin
Self-Signed SSL Certificate for Nginx in CentOS
 
04:24
- Create Server Key and Certificate Signing Request: sudo openssl genrsa -des3 -out server.key 2048 sudo openssl req -new -key server.key -out server.csr - Remove Passphrase: sudo cp server.key server.key.org sudo openssl rsa -in server.key.org -out server.key - Create Self-Signed SSL Certificate: sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt - Edit file: /etc/nginx/domains/lehonghai.com.conf server { listen 443; server_name lehonghai.com www.lehonghai.com; ssl on; ssl_certificate /etc/nginx/ssl/server.crt; ssl_certificate_key /etc/nginx/ssl/server.key; ssl_session_timeout 5m; ssl_session_cache shared:SSL:10m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;"; }
Views: 325 Lê Hồng Hải
Configure SSL/TLS for MQTT broker mosquitto
 
04:44
My MQTT client https://github.com/dinhhuy258/mqtt-client Generate a certificate authority certificate and key openssl req -new -x509 -days duration -keyout mqtt_ca.key -out mqtt_ca.crt Generate a server key openssl genrsa -des3 -out mqtt_server.key size_of_private_key_in_bits Generate a certificate signing request to send to the CA openssl req -out mqtt_server.csr -key mqtt_server.key -new Send the CSR to the CA, or sign it with your CA key openssl x509 -req -in mqtt_server.csr -CA mqtt_ca.crt -CAkey mqtt_ca.key -CAcreateserial -out mqtt_server.crt -days duration Generate a client key openssl genrsa -des3 -out mqtt_client.key size_of_private_key_in_bits Generate a certificate signing request to send to the CA openssl req -out mqtt_client.csr -key mqtt_client.key -new Send the CSR to the CA, or sign it with your CA key openssl x509 -req -in mqtt_server.csr -CA mqtt_ca.crt -CAkey mqtt_ca.key -CAcreateserial -out mqtt_server.crt -days duration Configure mosquitto file port 8883 cafile your_path/mqtt_ca.crt certfile your_path/mqtt_server.crt keyfile your_path/mqtt_server.key require_certificate true //set it if you want to verify client's certificate tls_version tlsv1.1
Views: 11064 HuyITF
How to generate a RSA key on Windows 10. 2017
 
03:17
Git bash: https://git-scm.com/download/win
Views: 514 I Need to Code.
Error: Openssl is not recognized as an internal or external command - windows 7
 
08:22
This is a reponse video for the mybringback facebook sdk tutorial number 2 by Travis. Requested my Alekmodi19.
Views: 12884 DelaNation
How to Install SSL Certificate on Linux Apache Web Server
 
17:11
SSL stands for Secure Sockets Layer, the protocol which provides the encryption. SSL Certificates provide secure, encrypted communications between a website and an internet browser. SSL Certificates are typically installed on pages that require end-users to submit sensitive information over the internet like credit card details or passwords. SSL certificate used to secure our web site and web app. Steps to install SSL Certificate on Linux(Ubuntu/Debian) Apache Web Server. Step1: Install OpenSSL on Linux OpenSSL is a software library to be used in applications that need to secure communication over the internet. To install on Ubuntu/Debian run the following command sudo apt-get update sudo apt-get install openssl Step2: Generate Key and CSR for certificate request CSR stands for Certificate Signing request, To generate server key file run the following command, replace example.com to your domain name on which you want to install ssl certificate. openssl genrsa -out example.com.key 2048 Generate CSR file you may run the following command openssl req -new -sha256 -key example.com.key -out example.com.csr When you will run the above command it will ask your information like Country: IN State / Province: XYZ City: XYZ Department:XYZ Organization: XYZ Common Name: www.example.com *Fill your details and hit enter, In Country provide two digit of your country code(example India: IN, USA: US etc ) Download these two file(example.com.key and example.com.csr) and submit submit it to certificate provider, Than they will issue certificate. The certificate should contains two file .crt and .ca-bundle or bundle.crt Put your certificate file, bundle file and key file in the directory /etc/ssl/certs/ SSLCertificateFile --- Certificate file SSLCertificateKeyFile --- Server key file SSLCertificateChainFile --- bundle file step3: Configuration of Certificate in Apache web server Add the virtual host in apache sudo nano /etc/apache2/site-enabled/000-default.conf virtual host like <VirtualHost *:443> ServerAdmin [email protected] DocumentRoot /var/www/html ServerName example.com ServerAlias www.example.com SSLEngine on SSLCertificateFile /etc/ssl/certs/example.com.crt SSLCertificateKeyFile /etc/ssl/certs/example.com.key SSLCertificateChainFile /etc/ssl/certs/example_bundle.crt <Directory /var/www/html> Options FollowSymLinks AllowOverride All </Directory> </VirtualHost> #Redirect all http traffic to https <VirtualHost *:80> ServerName example.com ServerAlias www.example.com Redirect permanent / https://www.example.com </VirtualHost> Now enable SSL Mode in apache sudo a2enmod ssl Restart apache services sudo service apache2 restart Step4: Test Open your website URL in web browser eg. example.com or www.example.com Done!!! install ssl certificate how to install ssl certificate apache how to install ssl certificate godaddy how to install ssl certificate in linux how to install ssl certificate cpanel install ssl certificate apache ubuntu install ssl certificate apache centos apache ssl configuration step by step how to install ssl certificate in linux apache install ssl certificate linux command line ubuntu 16.04 apache ssl enable ssl apache2 ubuntu install godaddy ssl certificate apache ubuntu ubuntu ssl certificate location apache2 enable ssl install comodo ssl certificate apache ubuntu ubuntu install ssl certificate create self signed certificate ubuntu ubuntu 16.04 apache ssl
Views: 39944 X Admin
nodejs ssl,tls configuration using openssl
 
01:58
http://tinyurl.com/npdqhok Secret discount page for SSLThe tls module uses OpenSSL to provide Transport Layer Security and/or Secure Socket Layer: encrypted stream communication. Use require(\'tls\') to access this module. openssl genrsa -out 1024 openssl req -new -key -out openssl x509 -req -in -signkey -out var tls = require(\'tls\'); var fs = require(\'fs\'); var options = { key : (\'\'), cert: (\'\') } (options,function(s) { (\"welcome!n\"); (s); }).listen(8000);
Views: 166 discton
HTTP y SSL
 
02:13
Idea Original : Marco A.R. Martagon Diseño y Producción : Marco A.R. Martagon Musica : Jonathan Ryno - Kwackwack -Original Mix- ITESM MCE Marco A.R. Martagon Licencia GPL GNU Notas: 1.-El procedimiento orginal Ref:2 fue modificado para funcionar en ubuntu 12.04 2.-Recuerda "pass phrase" es la contraseña que tendrás que mantener en secreto y se te solicitara al crear el archivo .key ## Instalar el SSH server, solo si quieres acceder vía $ssh [email protected] sudo apt-get install opens-server ## Instalar Apache HTTP server sudo apt-get install apache2 ## Descargar SSL sudo a2enmod ssl ## Installar la configuracion por defecto sudo aensite default-ssl ## Reiniciamos para que tome el modulo SSL sudo /etc/init.d/apache2 restart ## Creamos los certificados y configuramos el Apache HTML server cd /etc/apache2 sudo openssl genrsa -des3 out server.key 1024 sudo openssl req -new -key server.key -out server.csr sudo openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt ## Generamos un .key en el cual al momento de reiniciar el apache ## no pregunte por el pass phrase sudo openssl rya -in server.key -out server_nopass.key ## Copiamos el .CRT y .KEY a la localidad correcta sudo cp server.crt /etc/ssl/certs sudo cp server_nopass.key /etc/ssl/private ## Editamos apache para que use el certificado que generamos cd /etc/apache2/sites-available sudo vi default-ssl SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire SSLCertificateFile /etc/ssl/certs/server.crt SSLCertificateKeyFile /etc/ssl/private/server_nopass.key ESC:x ENTER ## sudo a2ensite default-ssl sudo /etc/init.d/apache2 restart ## sudo cp index.html /var/www ## buscamos la IP del servidor HTTPS para ser usada en el nevegador ## https://La_IP_que_se_muestra_en_el_comando_siguiente/ ifconfig | grep "inet addr" ## listo ahora prueba acceder al sitio con https://IP_del_servidor_corriendo_https/ Referencias 1.-CPA-2014-Cocoa Packet Analyzer. Recuperado de http://www.tastycocoabytes.com/cpa/ 2.-BetaTwits -2010-Activar SSL en Apache2. Recuperado de http://betatwits.wordpress.com/2010/07/21/activar-ssl-en-apache2-ubuntu-10-04/ 3.-OpenSSL-2014- SSL/TSL. Recuperado de https://www.openssl.org/ 4.-SSL.COM-2014-What is SSL. Recuperado de http://info.ssl.com/article.aspx?id=10241
Views: 347 Marco Martagon
Encriptar Simetrico y Asimentrico con OpenSSL
 
11:51
######## CIFRADO SIMETRICO ######## 1. Encriptar con AES openssl aes-256-cbc -a -salt -in prueba.txt -out pruebaencriptado.txt.enc 2. Desencriptar con AES openssl aes-256-cbc -d -a -in pruebaencriptado.txt.enc -out pruebadesencriptado.txt ######## CIFRADO ASIMETRICO ######## 1. Generamos llave privada del algoritmo RSA openssl genrsa -out privada1.key 1024 2. Generamos Claves publicas derivadas de la llave privada openssl rsa -in privada1.key -pubout -out publica1.key 3. Encriptamos openssl rsautl -pubin -encrypt -in prueba.txt -out pruebaencriptado.txt -inkey publica1.key 4. Desencriptar openssl rsautl -decrypt -in pruebaencriptado.txt -out pruebadesencriptado.txt -inkey privada1.key
How to setup a self signed SSL certificate on IIS6 - Part 2 of 3
 
09:58
How to setup a self signed SSL certificate on IIS6 using OpenSSL on a Windows 2003 server - Part 2 of 3
Views: 14116 datakix
Generar llaves pública y privada en Windows con OpenSSL
 
01:05
OpenSSL para Windows: http://adf.ly/pWSXd Vean como hacerlo en linux, ademas de crear un CA y generar un CRL: https://www.youtube.com/watch?v=VELNKFfhpvo
Views: 7428 Axell Alvarado
Ejercicio: Crear un certificado Virtual
 
06:02
Ejercicio del día Lunes 21-set Crear un Certificado Virtual Las Líneas de código: 1.- genrsa -des3 -passout pass:TELEinformatica123 -out rsaprv.pem 1024 2.- req -new -key rsaprv.pem -out hostcsr.pem 3.- dgst -sha1 -sign rsaprv.pem -out archivofirmado.txt archivo.txt 4.- x509 -req -days 3650 -in hostcsr.pem -signkey rsaprv.pem -out rsacert.crt 5.- openssl rsa -in rsaprv.pem -pubout #AQUI VA EL SIGNO MAYIOR, GOOGLE+ NO DEJA ESCRIBIR ESO AQUI# rsapub.key 6.- openssl dgst -sha1 -verify rsapub.key -signature archivofirmado.txt archivo.txt El rar comprimido: https://mega.nz/#!ChwigJza!Ps_AEhtwZCq3DMeV6DIcGJ6Wpg4PDpsR6ymOhPtLIo4 La canción? F-zero - Mute City
Views: 433 ReNixMaR