how to validate if private key, CSR request and certificate matches

Posted by

Folder content,

[root@boydC certs]# ll

total 44

drwxr-xr-x 3 root root 150 Nov 18 12:34 new_request_csr

-rw-r–r– 1 root root 2510 Nov 19 10:39 boydC_cert.cer

-rw-r–r– 1 root root 2516 Nov 19 13:41 boydC_cert.cert

-rw-r–r– 1 root root 2516 Nov 19 10:39 boydC_cert.pem

-rw-r–r– 1 root root 5592 Nov 19 10:39 boydC_cert_interm.cer

-rw-r–r– 1 root root 1521 Nov 19 10:39 boydC_cert_interm.pem

-rw-r–r– 1 root root 1675 Nov 19 10:39 boydC.key

[root@boydC certs]#


Scenario: Certificate does not match with private key and CSR request,

Check certificate extension, .pem / .cert / .cer:

[root@boydC certs]# openssl x509 -noout -modulus -in boydC_cert.cer | openssl md5
(stdin)= 693f375824b05283c78e1ed76744cc78

Just change the extension file,

[root@boydC certs]# openssl x509 -noout -modulus -in boydC_cert.cert | openssl md5
(stdin)= 693f375824b05283c78e1ed76744cc78

[root@boydC certs]# openssl x509 -noout -modulus -in boydC_cert.pem | openssl md5
(stdin)= 693f375824b05283c78e1ed76744cc78

check private key:

[root@boydC certs]# openssl rsa -noout -modulus -in boydC.key | openssl md5
(stdin)= ca666yyyy14b022981ba7a06e5229830

check CSR request:

[root@boydC certs]# cd new_request_csr/

[root@boydC new_request_csr]# openssl req -noout -modulus -in boydC.csr | openssl md5
(stdin)= ca666yyyy14b022981ba7a06e5229830

[root@boydC certs]#


Scenario: Certificate and private key match

Folder content

[root@boydC match]# ll

total 8

-rw-r–r– 1 root root 1972 Nov 19 09:12 boydC.cert

-rwxr-xr-x 1 root root 1679 Nov 19 09:12 boydC.key

check certificate

[root@boydC match]# openssl x509 -noout -modulus -in boydC.cert | openssl md5
(stdin)= 5be72c081d6ea9a83e166272233d1b84

check private key

[root@boydC match]# openssl rsa -noout -modulus -in boydC.key | openssl md5
(stdin)= 5be72c081d6ea9a83e166272233d1b84

[root@boydC match]#

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s