Skip to main content Logo (IEC resistor symbol)logo

Quis custodiet ipsos custodes?
Home | About | All pages | RSS Feed | Gopher

OpenSSL match certificate and private key

Published: 09-02-2013 | Author: Remy van Elst | Text only version of this article

Table of Contents

Today I had to set up something but I kept getting ssl errors. Turns out, thecertificate did not match the private key, because the private key file wasdamaged. After I copied the certificate all was good, so it might got damagedwhile scping it.

If you like this article, consider sponsoring me by trying out a Digital OceanVPS. With this link you'll get $100 credit for 60 days). (referral link)

The following openssl commands give you the hash of the modulus of certificateand the private key. If those two don't match then they either do not below toeach other, or the file is damaged.

My private key is named private.key and my certificate file is namedcertificate.crt. Both are in PEM format.


openssl x509 -noout -modulus -in certificate.crt | openssl md5(stdin)= d238708c18b3c0d42994cfb61f060467

Private Key:

openssl rsa -noout -modulus -in private.key | openssl md5 (stdin)= 5dd148535fb0763926c285c83cb6b58

They don't match... This was the result after I did another scp:

openssl rsa -noout -modulus -in private.key | openssl md5(stdin)= d238708c18b3c0d42994cfb61f060467

Perfect match!

Tags: certificates, openssl, pki, private-key, public-key, snippets, ssl