Check key length from the command line with OpenSSL

By | 2012/10/25

To check the key length of a certificate, use the openssl command.

Here is how to check an RSA private key length:

$ openssl rsa -text -noout -in private.key

The top of the output will have:

Private-Key: (1024 bit)

For a certificates (.crt or .pem), use this command:

$ openssl x509 -text -noout -in certificate.crt 

.p12 certs:

$ openssl pkcs12 -info -in keyStore.p12

The output will have the key length in a dump of all other certificate info:

RSA Public Key: (2048 bit)