Skip to main content Logo

Quis custodiet ipsos custodes?
Home | About | All pages | Cluster Status | RSS Feed

OpenSSL match certificate and private key

Published: 09-02-2013 | Author: Remy van Elst | Text only version of this article

❗ This post is over ten years old. It may no longer be up to date. Opinions may have changed.

Today I had to set up something but I kept getting ssl errors. Turns out, the certificate did not match the private key, because the private key file was damaged. After I copied the certificate all was good, so it might got damaged while scping it.

Recently I removed all Google Ads from this site due to their invasive tracking, as well as Google Analytics. Please, if you found this content useful, consider a small donation using any of the options below:

I'm developing an open source monitoring app called Leaf Node Monitoring, for windows, linux & android. Go check it out!

Consider sponsoring me on Github. It means the world to me if you show your appreciation and you'll help pay the server costs.

You can also sponsor me by getting a Digital Ocean VPS. With this referral link you'll get $200 credit for 60 days. Spend $25 after your credit expires and I'll get $25!

The following openssl commands give you the hash of the modulus of certificate and the private key. If those two don't match then they either do not below to each other, or the file is damaged.

My private key is named private.key and my certificate file is named certificate.crt. Both are in PEM format.


openssl x509 -noout -modulus -in certificate.crt | openssl md5
(stdin)= d238708c18b3c0d42994cfb61f060467

Private Key:

openssl rsa -noout -modulus -in private.key | openssl md5 
(stdin)= 5dd148535fb0763926c285c83cb6b58

They don't match... This was the result after I did another scp:

openssl rsa -noout -modulus -in private.key | openssl md5
(stdin)= d238708c18b3c0d42994cfb61f060467

Perfect match!

Tags: certificates , openssl , pki , private-key , public-key , snippets , ssl