Most OpenSSL documentation out there only shows you how to create a new key and signs it with in single command. I wanted to use a self-signed in the interm while waiting for my third-party CA approve my certificate. I already had an existing key. Here is the command to create a self-signed certificate from an existing RSA key.
#> openssl req -x509 -new -key {KEYFILE} -out {SELFSIGNEDCERT}
This perl script makes the process of unbundling certificates into single files an easy task. Just run the and it will dump the generated files to the current directory.
Syntax: ./cert-split-batch.pl <cert_bundle.crt>
More than once, I've needed root access to a server over SCP. As we all know, allowing SSH access with the root user is a blaring security hole because the user is a well-known userid with superuser access. This makes it the first thing that a hacker or script-kiddie will check. If you create another user with userid number 0 and set PermitRootLogin to 'no' in the sshd_config file, you will still not be able to login. The PermitRootLogin option actually blocks ANY user if their user id number equals 0.
Here are a few CLI commands to convert a java key store file to a PKCS12 encoded cert chain and back. This requires the java development kit (Sun/Oracle JDK) 6 or newer.
JKS → P12
$> keytool -importkeystore \ -srckeystore keystore.jks \ -srcstoretype JKS \ -deststoretype PKCS12 \ -destkeystore keystore.p12
P12 → JKS
To import a CSR in to a Windows Certificate Authority Server, you must define a certificate template. OpenSSL does not do this because this is a Microsoft only concept. With the use of the 'certreq' command, you can apply a template type during the request import process. This command should be available on your Microsoft CA server.
certreq -submit -attrib "CertificateTemplate:WebServer" request.csr
Trend Secure's famous HiJackThis program.
http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis/Home of SpinRight and SheildsUp software.
http://www.grc.com/default.htmOff-the-record IM encryption. OTR supports multiple IM clients.
http://www.cypherpunks.ca/otr/