Which of the following is the most common instrument to generate key pairs and certificate signing requests, manage keys, and convert and package certificates? (Wentz QOTD)
A. TPM (Trusted Platform Module)
B. TCB (Trusted Computing Base)
C. HSM (Hardware security module)
D. The OpenSSL utility
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is D. The OpenSSL utility.
Wentz’s book, The Effective CISSP: Security and Risk Management, helps CISSP and CISM aspirants build a solid conceptual security model. It is a tutorial for information security and a supplement to the official study guides for the CISSP and CISM exams and an informative reference for security professionals.
OpenSSL is an open-source command line tool that is commonly used to generate private keys, create CSRs, install your SSL/TLS certificate, and identify certificate information. We designed this quick reference guide to help you understand the most common OpenSSL commands and how to use them.
Source: DigiCert
Common OpenSSL commands
- Show the details of a certificate
openssl x509 -in certificate.crt -text -noout - Show the public key of a certificate
openssl x509 -pubkey -noout -in certificate.crt - Show the public key of a certificate signing request
openssl req -in certificate.csr -noout -pubkey -out public.key - Show the public key in a .pfx file
openssl rsa -in certificate.pfx -pubout -out public.key - Packate the private key and its associate certificate into a .pfx file
openssl pkcs12 -export -out certificate.pfx -inkey private.key -in certificate.crt
Reference
以下哪個是生成密鑰對和證書簽名請求(CSR)、管理密鑰以及轉換和打包證書最常見的工具? (Wentz QOTD)
A. TPM(可信平台模組)
B. TCB(可信計算庫)
C. HSM(硬體安全模組)
D. OpenSSL 實用程序