openssl enc -d -aes-256-cbc -in secret.enc -out decrypted.txt | Problem | Solution | |---------|----------| | openssl is not recognized | Add C:\Program Files\OpenSSL-Win64\bin to PATH, restart cmd | | Can't open config file: openssl.cnf | Set OPENSSL_CONF env var: set OPENSSL_CONF=C:\Program Files\OpenSSL-Win64\bin\openssl.cfg | | unable to load config info | Create a minimal openssl.cnf or use -config flag | | no /dev/null in Windows | Use NUL instead: 2>NUL | | SSL connect hangs | Use -ign_eof or echo Q \| openssl s_client ... | 13. Environment Setup (Optional) Create a batch file openssl_env.bat :
@echo off set OPENSSL_CONF=C:\Program Files\OpenSSL-Win64\bin\openssl.cfg set PATH=%PATH%;C:\Program Files\OpenSSL-Win64\bin echo OpenSSL ready Run before using OpenSSL: openssl for windows
openssl x509 -noout -modulus -in cert.pem | openssl md5 openssl rsa -noout -modulus -in private.key | openssl md5 The hashes must be identical. Connect to HTTPS server (show certificate chain) openssl s_client -connect google.com:443 Save server certificate to file openssl s_client -connect google.com:443 -showcerts </dev/null 2>nul | openssl x509 -out google.crt ( </dev/null 2>nul prevents hanging on Windows – use Git Bash or WSL for cleaner output) openssl enc -d -aes-256-cbc -in secret