OpenSSL provides read different type of certificate and encoding formats. OpenSSL supports certificate formats like RSA, X509, PCKS12 etc. We will look how to read these certificate formats with OpenSSL.

Read RSA Private Key

RSA is popular format use to create asymmetric key pairs those named public and private key. We can use rsa verb to read RSA private key with the following command.

$ openssl rsa -in myprivate.pem -check

We can see that the first line of command output provides RSA key ok

Read X509 Certificate

Another case reading certificate with OpenSSL is reading and printing X509 certificates to the terminal. We will use x509 version with the following command.

$ openssl x509 -in mycert.pem -text -noout

Print Certificate Purpose

X509 certificates also holds information about the purpose of the cerficate. This will be beneficial while using certificate to learn the creation aim of the certificate. We can print certificate purpose with the -purpose command like below.

$ openssl x509 -in mycert.pem -text -noout -purpose

Read Web Sites HTTPS TLS/SSL Certificates

We can read and print web sites HTTPS certificates with the s_client verb which is explained in this tutorial. We can print the SSL/TLS X509 certificate with the following command.

$ openssl s_client -showcerts -connect poftut.com:443

Read PKCS12 File

We can also read and print PKCS12 files which can be used store keys and related information. We will use pkcs12 verb like below.

$ openssl pkcs12 -info -in keystore.p12

Read Certificate Signing Request

Certificate signing requests are used to create required request in order to sign our certificate from certificate authority. After creating a Certificate Signing Request we should check the CSR with the following command where we can see all information provided by CSR.

$ openssl req -text -noout -verify -in myrequest.csr