openssl Flashcards

1
Q

How do you generate a private key and a self-signed certificate?

A

openssl req -x509 -newkey rsa -keyout key.pem -out cert.pem -days 365 -nodes

2
Q

What is the -nodes option in openssl?

A

When you use the -nodes option while generating a private key, the private key is not encrypted.

Encryption requires a pass-phrase, so it won’t ask for a pass-phrase.

-nodes actually means "no DES";
DES is a (symmetric) encryption algorithm.

3
Q

Name some symmetric encryption algorithms.

A

DES

AES

4
Q

Name some asymmetric encryption algorithms.

A

RSA
DSA
ECDSA

5
Q

What is openssl s_client?

A

Find out more about it.

6
Q

What are two important pieces of info a digital certificate contains?

A
  • Public key
  • A signature by a CA, proving that the public key is valid.
  • Signature = (1) take the SHA-1 of the key, (2) encrypt that SHA-1 digest with the CA’s private key; this is the signature.

On the other side: again take the SHA-1 of the public key,
then decrypt the certificate’s signature with the CA’s public key; they both should match.

7
Q

When specifying a client-side certificate in a node.js websocket program, what happens when the certificate and private key don’t match?

A

The client program won’t run.

It will throw the error ‘key mismatch’.

8
Q

How does a certificate issuing authority identify each certificate it issues?

A

It gives a unique serial number to each certificate it issues.

9
Q

How do you get the openssl version?

A

openssl version

openssl version -a

10
Q

Where does Linux normally keep certificates?

A

/etc/ssl/certs

/usr/lib/ssl contains the soft link for the above directory

11
Q

What is a trust store?

A

It is a collection of trusted root certificates, which can be used to verify other incoming certificates.

12
Q

What are common key generation algorithms?

A

RSA is the most common,
DSA is limited to 1024 bits,
ECDSA is not widely supported.
For ssh, DSA and RSA are commonly used.

13
Q

What is AES?

A
Advanced Encryption Algorithm
Symmetric
AES128
AES192
AES256
14
Q

What are Hardware Security Modules (HSM)?

A

Find out more about them.

15
Q

What does a CSR contain?

A

Public key
Information about the institution requesting the certificate (CN, common name, country, etc.)

It is signed by the private key corresponding to the public key it contains.
Certificate signing request.

16
Q

Which private key is used to sign a self-signed certificate?

A

The certificate contains a public key.

It is signed with the corresponding private key.