Folder content,
[root@boydC certs]# ll
total 44
drwxr-xr-x 3 root root 150 Nov 18 12:34 new_request_csr
-rw-r–r– 1 root root 2510 Nov 19 10:39 boydC_cert.cer
-rw-r–r– 1 root root 2516 Nov 19 13:41 boydC_cert.cert
-rw-r–r– 1 root root 2516 Nov 19 10:39 boydC_cert.pem
-rw-r–r– 1 root root 5592 Nov 19 10:39 boydC_cert_interm.cer
-rw-r–r– 1 root root 1521 Nov 19 10:39 boydC_cert_interm.pem
-rw-r–r– 1 root root 1675 Nov 19 10:39 boydC.key
[root@boydC certs]#
DO NOT MATCH
Scenario: Certificate does not match with private key and CSR request,
Check certificate extension, .pem / .cert / .cer:
[root@boydC certs]# openssl x509 -noout -modulus -in boydC_cert.cer | openssl md5
(stdin)= 693f375824b05283c78e1ed76744cc78
Just change the extension file,
[root@boydC certs]# openssl x509 -noout -modulus -in boydC_cert.cert | openssl md5
(stdin)= 693f375824b05283c78e1ed76744cc78
[root@boydC certs]# openssl x509 -noout -modulus -in boydC_cert.pem | openssl md5
(stdin)= 693f375824b05283c78e1ed76744cc78
check private key:
[root@boydC certs]# openssl rsa -noout -modulus -in boydC.key | openssl md5
(stdin)= ca666yyyy14b022981ba7a06e5229830
check CSR request:
[root@boydC certs]# cd new_request_csr/
[root@boydC new_request_csr]# openssl req -noout -modulus -in boydC.csr | openssl md5
(stdin)= ca666yyyy14b022981ba7a06e5229830[root@boydC certs]#
MATCH
Scenario: Certificate and private key match
Folder content
[root@boydC match]# ll
total 8
-rw-r–r– 1 root root 1972 Nov 19 09:12 boydC.cert
-rwxr-xr-x 1 root root 1679 Nov 19 09:12 boydC.key
check certificate
[root@boydC match]# openssl x509 -noout -modulus -in boydC.cert | openssl md5
(stdin)= 5be72c081d6ea9a83e166272233d1b84
check private key
[root@boydC match]# openssl rsa -noout -modulus -in boydC.key | openssl md5
(stdin)= 5be72c081d6ea9a83e166272233d1b84[root@boydC match]#