openssl req -newkey rsa:4096 -keyout <user key> -out <user csr> -nodes -days 365 -subj "/CN=<name>"`
openssl x509 -req -in <user csr> -CA <ca cert> -CAkey <ca key> -out <signed user cert> -set_serial 01 -days 365
Convert to pkcs12 for use in browsers as client certificate
openssl pkcs12 -export -clcerts -in <signed user cert> -inkey <user key> -out <user>.p12
openssl rsa -pubin -inform PEM -text -noout < public.key
openssl rsautl -inkey key.priv -decrypt -in file.enc
Convert putty ppk to openssh rsa
puttygen private.ppk -O private-openssh -o private.ssh
