Openssl: how to find out if your certificate matches the key file?
To quickly make sure the files match, display the modulus value of each file:openssl rsa -noout -modulus -in FILE.key openssl req -noout -modulus -in FILE.csr openssl x509 -noout -modulus -in FILE.cerIf everything matches (same modulus), the files are compatible public key-wise (but this does not guaranty the private key is valid). If not, one of the file is not related to the others.
N.B.: Modulus only applies on private keys and certificates using RSA cryptographic algorithm. If you generate an ECC (Elliptic Curve Cryptography) private key or if your certificate is signed with ECC you won't find a modulus.
N.B.2: For a detailed cryptographic verification, see Hanno Böck's script
Linked documentation
Last edited on 07/20/2017 19:07:00 --- [search]