Skip to main content

Raymii.org Raymii.org Logo

Quis custodiet ipsos custodes?
Home | About | All pages | Cluster Status | RSS Feed | Gopher

OpenSSL match certificate and private key

Published: 09-02-2013 | Author: Remy van Elst | Text only version of this article


❗ This post is over eight years old. It may no longer be up to date. Opinions may have changed.

Today I had to set up something but I kept getting ssl errors. Turns out, the certificate did not match the private key, because the private key file was damaged. After I copied the certificate all was good, so it might got damaged while scping it.

Consider sponsoring me on Github. It means the world to me if you show your appreciation and you'll help pay the server costs.

You can also sponsor me by getting a Digital Ocean VPS. With this referral link you'll get $100 credit for 60 days.

The following openssl commands give you the hash of the modulus of certificate and the private key. If those two don't match then they either do not below to each other, or the file is damaged.

My private key is named private.key and my certificate file is named certificate.crt. Both are in PEM format.

Certificate:

openssl x509 -noout -modulus -in certificate.crt | openssl md5
(stdin)= d238708c18b3c0d42994cfb61f060467

Private Key:

openssl rsa -noout -modulus -in private.key | openssl md5 
(stdin)= 5dd148535fb0763926c285c83cb6b58

They don't match... This was the result after I did another scp:

openssl rsa -noout -modulus -in private.key | openssl md5
(stdin)= d238708c18b3c0d42994cfb61f060467

Perfect match!

Tags: certificates , openssl , pki , private-key , public-key , snippets , ssl