===== SSL =====

==== Generowanie ====

<file>
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ssl.key -out ssl.crt
</file>

==== Generowanie do IIS ====

<file>
cd /usr/lib/openssl
./CA.pl -newreq-nodes
./CA.pl -newca
./CA.pl -sign
openssl req -new > new.cert.csr
openssl rsa -in privkey.pem -out new.cert.key
openssl x509 -in new.cert.csr -out new.cert.cert -req -signkey new.cert.key -days 365
openssl pkcs12 -export -out DigiCertBackup.pfx -inkey new.cert.key -in new.cert.cert -certfile ./privkey.pem
</file>

==== Eksport do JSK ====

=== SCM ===

<file>
openssl pkcs12 -export -in ssl.crt -inkey ssl.key -out ssl.p12 -name scm
../../jdk/bin/keytool -importkeystore -srckeystore ./ssl.p12 -srcstoretype pkcs12 -srcalias scm -srcstorepass tajnepass -destkeystore ./ssl.jks -deststoretype jks -deststorepass tajnepass
</file>

=== JBoss ===

<file>
openssl pkcs12 -export -in ./ssl.crt -inkey ./ssl.key -out ssl.p12 -name jboss
keytool -importkeystore -srckeystore ./ssl.p12 -srcstoretype pkcs12 -srcalias jboss -srcstorepass  nasze_tajne_haslo -destkeystore ./ssl.jks -deststoretype jks -deststorepass nasze_tajne_haslo
</file>

==== Import certyfikatów z PFX ====

Certyfikat:
<file>
openssl pkcs12 -in ssl.pfx -nocerts -out ssl.crt
</file>

Klucz:
<file>
openssl pkcs12 -in ssl.pfx -clcerts -nokeys -out ssl.key
</file>

Usunięcie z klucza hasła:
<file>
openssl rsa -in ssl.key -out ssl_nopass.key
</file>