Changes in 9603776: Updated compute/ssl-debug.md

				compute/ssl-debug.md
			
          @@ -2,24 +2,24 @@

           <!-- SUBTITLE: SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT? What the fuck does that mean? -->

           ### Read cert

          -`$ echo | openssl s_client -host \<hostname> -port 443 | openssl x509 -noout -text`

          +`$ echo | openssl s_client -host <hostname> -port 443 | openssl x509 -noout -text`

           ### Read cert and check

          -`$ echo | openssl s_client -servername \<hostname> -connect \<hostname>:443 -CAfile /etc/ssl/cert.pem | openssl x509 -noout -text`

          +`$ echo | openssl s_client -servername <hostname> -connect <hostname>:443 -CAfile /etc/ssl/cert.pem | openssl x509 -noout -text`

           ### Dump cert chain

          -`$ echo | openssl s_client -showcerts -servername \<hostname> -connect \<hostname>:443`

          +`$ echo | openssl s_client -showcerts -servername <hostname> -connect <hostname>:443`

           ### Dump cert chain to individual files

          -`$ echo | openssl s_client -showcerts -servername \<hostname> -connect \<hostname>:443 | \

          +`$ echo | openssl s_client -showcerts -servername <hostname> -connect <hostname>:443 | \

           sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p'  | \

           awk 'BEGIN {i=0} /BEGIN CERT/{i++} { print > "cert" i ".pem"}'`

           ### Read CRL

          -`$ openssl crl -inform {DER|PEM} -noout -text -in \<crl file>`

          +`$ openssl crl -inform {DER|PEM} -noout -text -in <crl file>`

           ### Test connection

          -`$ echo | openssl s_client -servername \<hostname> -connect \<hostname>:443 -CAfile \<Root CA cert file>`

          +`$ echo | openssl s_client -servername <hostname> -connect <hostname>:443 -CAfile <Root CA cert file>`

           ### Convert DER to PEM

           `$ openssl x509 -inform DER -in cert.der -outform PEM -out cert.pem`

          @@ -28,10 +28,10 @@ awk 'BEGIN {i=0} /BEGIN CERT/{i++} { print > "cert" i ".pem"}'`

           `$ openssl verify -CAfile /etc/ssl/cert.pem -untrusted intermediate.pem cert.pem`

           ### Exctract certs from pkcs12 file

          -`$ openssl pkcs12 -in \<file.pfx> -nodes`

          +`$ openssl pkcs12 -in <file.pfx> -nodes`

           ### Extract keys from pkcs12 file

          -`$ openssl pkcs12 -in \<file.pfx> -nocerts`

          +`$ openssl pkcs12 -in <file.pfx> -nocerts`

           ### Remove password from key PEM

          -`$ openssl rsa -in \<protected.pem> -out \<unprotected.pem>`

          \ No newline at end of file

          +`$ openssl rsa -in <protected.pem> -out <unprotected.pem>`

          \ No newline at end of file

...	...	@@ -2,24 +2,24 @@
2	2	<!-- SUBTITLE: SSL_ERROR_CERTIFICATE_UNKNOWN_ALERT? What the fuck does that mean? -->
3	3
4	4	### Read cert
5		-`$ echo \| openssl s_client -host \<hostname> -port 443 \| openssl x509 -noout -text`
	5	+`$ echo \| openssl s_client -host <hostname> -port 443 \| openssl x509 -noout -text`
6	6
7	7	### Read cert and check
8		-`$ echo \| openssl s_client -servername \<hostname> -connect \<hostname>:443 -CAfile /etc/ssl/cert.pem \| openssl x509 -noout -text`
	8	+`$ echo \| openssl s_client -servername <hostname> -connect <hostname>:443 -CAfile /etc/ssl/cert.pem \| openssl x509 -noout -text`
9	9
10	10	### Dump cert chain
11		-`$ echo \| openssl s_client -showcerts -servername \<hostname> -connect \<hostname>:443`
	11	+`$ echo \| openssl s_client -showcerts -servername <hostname> -connect <hostname>:443`
12	12
13	13	### Dump cert chain to individual files
14		-`$ echo \| openssl s_client -showcerts -servername \<hostname> -connect \<hostname>:443 \| \
	14	+`$ echo \| openssl s_client -showcerts -servername <hostname> -connect <hostname>:443 \| \
15	15	sed -n '/-----BEGIN CERTIFICATE-----/,/-----END CERTIFICATE-----/p' \| \
16	16	awk 'BEGIN {i=0} /BEGIN CERT/{i++} { print > "cert" i ".pem"}'`
17	17
18	18	### Read CRL
19		-`$ openssl crl -inform {DER\|PEM} -noout -text -in \<crl file>`
	19	+`$ openssl crl -inform {DER\|PEM} -noout -text -in <crl file>`
20	20
21	21	### Test connection
22		-`$ echo \| openssl s_client -servername \<hostname> -connect \<hostname>:443 -CAfile \<Root CA cert file>`
	22	+`$ echo \| openssl s_client -servername <hostname> -connect <hostname>:443 -CAfile <Root CA cert file>`
23	23
24	24	### Convert DER to PEM
25	25	`$ openssl x509 -inform DER -in cert.der -outform PEM -out cert.pem`
...	...	@@ -28,10 +28,10 @@ awk 'BEGIN {i=0} /BEGIN CERT/{i++} { print > "cert" i ".pem"}'`
28	28	`$ openssl verify -CAfile /etc/ssl/cert.pem -untrusted intermediate.pem cert.pem`
29	29
30	30	### Exctract certs from pkcs12 file
31		-`$ openssl pkcs12 -in \<file.pfx> -nodes`
	31	+`$ openssl pkcs12 -in <file.pfx> -nodes`
32	32
33	33	### Extract keys from pkcs12 file
34		-`$ openssl pkcs12 -in \<file.pfx> -nocerts`
	34	+`$ openssl pkcs12 -in <file.pfx> -nocerts`
35	35
36	36	### Remove password from key PEM
37		-`$ openssl rsa -in \<protected.pem> -out \<unprotected.pem>`
...	...	\ No newline at end of file
	0	+`$ openssl rsa -in <protected.pem> -out <unprotected.pem>`
...	...	\ No newline at end of file