Check If A Certificate & Private Key Match

Posted by on October 5, 2009 Leave a comment (1) Go to comments

Check if an SSL certificate and private key match in two simple commands. The OpenSSL commands below will require you to replace <file> with your file’s name.

For your SSL certificate:1

openssl x509 -noout -modulus -in <file> | md5sum

For your RSA private key:

openssl rsa -noout -modulus -in <file> | md5sum

The output of these commands should be identical. If it isn’t, your keys do not match.

  1. The pipe to md5sum is solely to make the output shorter and easier to visually compare
Posts, ,
  1. Anoop October 5, 2009 at 5:42 pm

    Hey, this is a good one to keep handy. Just wanted to mention to your readers that -modulus for both ‘x509′ and ‘rsa’ applications in openssl prints the RSA key modulus and even those values can be compared to confirm a match. The pipe to md5sum/sha1sum simply help make things easier when visually comparing.

    Good one!

Leave a Comment


NOTE - You can use these HTML tags and attributes:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre lang="" line="" escaped="" highlight="">