picture of tbs certificates
picture of tbs certificates
Our products range

Openssl: how to find out if your certificate matches the key file?

To quickly make sure the files match, display the modulus value of each file:
openssl rsa -noout -modulus -in FILE.key
openssl req -noout -modulus -in FILE.csr
openssl x509 -noout -modulus -in FILE.cer
If everything matches (same modulus), the files are compatible public key-wise (but this does not guaranty the private key is valid). If not, one of the file is not related to the others.

N.B.: Modulus only applies on private keys and certificates using RSA cryptographic algorithm. If you generate an ECC (Elliptic Curve Cryptography) private key or if your certificate is signed with ECC you won't find a modulus.

N.B.2: For a detailed cryptographic verification, see Hanno Böck's script

Linked documentation