How do you verify SSL Certificate and Private Key matches?
Today I was working on installing a certificate on a client’s nginx server. They have already had an SSL certificate for the last couple of years, and their previous tech left a mess of files, so I needed to determine which files were meant to go together.
To verify that an RSA private key matches the public key in a certificate, you need to verify the consistency of the private key and compare the modulus from each of the files.
Example:
[root@localhost certs]# openssl rsa -modulus -noout -in www.example.com.key | openssl md5
Enter pass phrase for www.example.com.key:
(stdin)= 3b7fe5fba303224aefc65659f7563c2b
[root@localhost certs]# openssl x509 -modulus -noout -in www.example.com.crt | openssl md5
(stdin)= 3b7fe5fba303224aefc65659f7563c2b
If there are any errors then you know the file is bad. In my case, I can visually see the two modulus outputs with an md5 match.
So this certificate and private key go together.
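For sorting through a whole directory of leftover files, the check can be scripted. The following is an added example, not part of the original post: it runs the key consistency check the post mentions, then goes one step beyond the modulus comparison by comparing the full public key (modulus and exponent). The function names and the `*.key` naming convention are assumptions.

```shell
#!/bin/sh
# Added example; function names and the *.key convention are assumptions.
# Encrypted keys make openssl ask for the pass phrase, as in the session above.

# cert_key_match CERT KEY
# Returns 0 if the RSA key pairs with the certificate, 1 if it does not,
# 2 if a file is unreadable or the private key is internally inconsistent.
cert_key_match() {
    ckm_cert=$1 ckm_key=$2

    # Public key embedded in the certificate (SubjectPublicKeyInfo, PEM).
    ckm_cert_pub=$(openssl x509 -in "$ckm_cert" -noout -pubkey 2>/dev/null) || return 2

    # Consistency check: match on the "RSA key ok" message rather than
    # relying on the exit status of openssl.
    openssl rsa -in "$ckm_key" -check -noout 2>&1 | grep -q 'RSA key ok' || return 2

    # Public key derived from the private key, in the same PEM encoding.
    ckm_key_pub=$(openssl rsa -in "$ckm_key" -pubout 2>/dev/null) || return 2

    [ -n "$ckm_cert_pub" ] && [ "$ckm_cert_pub" = "$ckm_key_pub" ]
}

# find_keys_for_cert CERT DIR
# Prints every DIR/*.key that pairs with CERT; returns 1 if none does.
find_keys_for_cert() {
    fk_cert=$1 fk_dir=$2 fk_status=1
    for fk_key in "$fk_dir"/*.key; do
        [ -f "$fk_key" ] || continue
        if cert_key_match "$fk_cert" "$fk_key"; then
            printf '%s\n' "$fk_key"
            fk_status=0
        fi
    done
    return "$fk_status"
}

# Usage: sh match.sh www.example.com.crt /path/to/certs
if [ "$#" -eq 2 ]; then
    find_keys_for_cert "$1" "$2"
fi
```
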