Tech Tip: How to verify TLS/SSL certificates/keys match

Document created by kk_sup Employee on May 11, 2016Last modified by SamCreek on Dec 17, 2016
Version 2Show Document
  • View in full screen mode

 

1) Commands to verify a server private key matches the certificate:


Certificate:

openssl x509 -noout -modulus -in <certificateFile> | openssl md5


Private Key: 

       openssl rsa -noout -modulus -in  <server privateKey>  | openssl md5


    The resulting numbers must match. If not they do not belong to each other.

 

2) You can also verify a certificate signing request matches the certificate and/or private key:


openssl req -noout -modulus -in <certificateSigningRequestFile> | openssl md5

 

 

    The resulting number would need to match the output(s) in step 1)

Attachments

    Outcomes