This is an addendum to https://mihail.stoynov.com/blog/2009/03/12/CertificatesKeystoresJavaKeytoolUtilityAndOpenssl.aspx
Key file is a format that keeps the private key in unencrypted format. It does not keep the certificate.
Converting pem –> key
openssl rsa –in mycompany.pem –out mycompany.key
Check out a certificate (pem, key)
openssl x509 –in mycompany.pem -text –noout
openssl x509 –in mycompany.key -text –noout
Output the private key
openssl rsa –in mycompany.key
openssl rsa –in mycompany.pem
(if they’re the sam certificate, they output the same thing).
Output the private key in readable format
openssl rsa –in mycompany.key –text
openssl rsa –in mycompany.key –text –noout (omit the binary part)
openssl rsa –in mycompany.pem –text
openssl rsa –in mycompany.pem –text –noout (omit the binary part)
Update:
Launch small https server to test a certificate
# on one host, set up the server (using default port 4433)
openssl s_server -cert mycert.pem –www
Check the speeds to that server
# on second host (or even the same one), run s_time
openssl s_time -connect myhost:4433 -www / -new -ssl3