OpenSSL: Find Out SSL Key Length – Linux Command Line

From the following article you’ll learn how to find out a key length of an SSL Certificate from the Linux command line, using OpenSSL utility.

The information about the key size can be retrieved from the several sources.

We can get the information about key length from the file with a private key, from the SSL certificate file or we can determine it directly from the https website.

Use the following OpenSSL commands from the Linux command line to get a key length:

Determine a Key Size from a Private Key

Linux command that retrieves a key size from a file with the private key (secret.key):

$ openssl rsa -in secret.key -text -noout | grep "Private-Key"
Private-Key: (2048 bit)

Find Out a Key Length from an SSL Certificate

Find out a key size from a file with the certificate (certificate.crt), using OpenSSL:

$ openssl x509 -in certificate.crt -text -noout | grep "Public-Key"
RSA Public-Key: (2048 bit)

Determine a Key Length from an HTTPS Site

Find out a key size from an https website, lets say google.com:

$ echo | openssl s_client -connect google.com:443 2>/dev/null | openssl x509 -text -noout | grep "Public-Key"
Public-Key: (2048 bit)

3 Replies to “OpenSSL: Find Out SSL Key Length – Linux Command Line”

  1. just put a `-` between Public and Key during grep

Leave a Reply