Generate random hex token openssl
Generate a 64-char hex random string (e.g. for API keys)
openssl rand -hex 32
more openssl
all 27 commands →
Full certificate inspect
openssl x509 -in cert.pem -noout -text
Cert expiry check (CI gate)
openssl x509 -in cert.pem -noout -checkend 86400 && echo OK || echo EXPIRING
Inspect live server chain
openssl s_client -connect <host>:443 -servername <host> -showcerts </dev/null 2>/dev/null
Extract SAN list
openssl x509 -in cert.pem -noout -ext subjectAltName
Verify cert against CA chain
openssl verify -CAfile ca-chain.pem cert.pem