OpenSSL is a cryptography toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) network protocols and related cryptography standards required by them.

# To generate a 2048bit RSA private key and save it to a file:
openssl genrsa -out filename.key 2048

# To generate a certificate signing request to be sent to a certificate authority:
openssl req -new -sha256 -key filename.key -out filename.csr

# To generate a self-signed certificate from a certificate signing request valid for some number of days:
openssl x509 -req -days days -in filename.csr -signkey filename.key -out filename.crt

# To display the start and expiry dates for a domain's certificate:
openssl s_client -connect host:port 2>/dev/null | openssl x509 -noout -dates

# To display the certificate presented by an SSL/TLS server:
openssl s_client -connect host:port </dev/null

# To display the complete certificate chain of an HTTPS server:
openssl s_client -connect host:443 -showcerts </dev/null


# To check an SSL connection:
openssl s_client -connect domain:port

# To generate new private key and CSR:
openssl req -out path/to/CSR.csr -new -newkey rsa:2048 -nodes -keyout path/to/private.key

# To sign a certificate using a private key and CSR:
openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

# To read contents of a private key:
openssl rsa -check -in path/to/private.key

# To verify a CSR file:
openssl req -text -noout -verify -in path/to/CSR.csr

# To check MD5 hash of a certificate:
openssl x509 -noout -modulus -in path/to/certificate.crt | openssl md5

# To check MD5 hash of a private key:
openssl rsa -noout -modulus -in path/to/private.key | openssl md5

# To check MD5 hash of a CSR file:
openssl req -noout -modulus -in path/to/CSR.csr | openssl md5