Skip to main content Logo (IEC resistor symbol) logo

Quis custodiet ipsos custodes?
Home | About | All pages | RSS Feed | Gopher

OpenSSL match certificate and private key

Published: 09-02-2013 | Author: Remy van Elst | Text only version of this article

Table of Contents

Today I had to set up something but I kept getting ssl errors. Turns out, the certificate did not match the private key, because the private key file was damaged. After I copied the certificate all was good, so it might got damaged while scping it.

If you like this article, consider sponsoring me by trying out a Digital Ocean VPS. With this link you'll get $100 credit for 60 days). (referral link)

The following openssl commands give you the hash of the modulus of certificate and the private key. If those two don't match then they either do not below to each other, or the file is damaged.

My private key is named private.key and my certificate file is named certificate.crt. Both are in PEM format.


openssl x509 -noout -modulus -in certificate.crt | openssl md5
(stdin)= d238708c18b3c0d42994cfb61f060467

Private Key:

openssl rsa -noout -modulus -in private.key | openssl md5 
(stdin)= 5dd148535fb0763926c285c83cb6b58

They don't match... This was the result after I did another scp:

openssl rsa -noout -modulus -in private.key | openssl md5
(stdin)= d238708c18b3c0d42994cfb61f060467

Perfect match!

Tags: certificates , openssl , pki , private-key , public-key , snippets , ssl