Updated on September 9, 2020 at 12:23 am

I’m currently in the middle of some IoT (Internet of Things) research and thought I would post some openssl commands that come in handy for such research.

Getting the certificate serial number comes in handy for plugging it into search engines such as Shodan for example. openssl x509 -in /etc/ssl/certs/xyz.crt -serial -noout



Generating the public key for both the certificate and private key and comparing the results. openssl x509 -pubkey -noout -in etc/ssl/certs/cert.pem openssl rsa -in etc/ssl/certs/key.pem -pubout



Getting the fingerprint of a certificate. openssl x509 -in etc/ssl/certs/cert.pem -fingerprint -sha1 openssl x509 -in etc/ssl/certs/cert.pem -fingerprint -sha256



Generate the modulus, hashing it and then comparing the results from both the certificate and the private key. openssl x509 -noout -modulus -in etc/ssl/certs/cert.pem | openssl md5 openssl rsa -noout -modulus -in etc/ssl/certs/key.pem | openssl md5



Enjoy!