Skip to main content

Check CSR and Private Key are matching or not.

  If you are managing many of sites and their respective SSL certs, some times ,we come across a situation where we messed up with SSL certs and their CSR and private keys, 

 Where we do not know, which private key belongs to which Cert and which private key belongs to which CSR.

This happen only if proper management of keeping SSL files are not in used 
after all we are all human being ,who do mistakes :)  right ?

so, here on this page I will tell you , how to check which cert belongs to which private key and which CSR belongs to which private key , and that is  only using openssl command on the terminal itself, after all we are love linux terminal :)

So , here it is,
  • openssl rsa -noout -modulus -in mydomain.key | openssl md5 
  • openssl req -noout -modulus -in mydomain.csr | openssl md5
  • openssl x509 -noout -modulus -in domain.crt | openssl md5


If you find the output of all command identical ,high probability is that all files i.e private key ,csr and certificate are matches with each other.

Also , below are some other useful openssl commands

Command to check CSR content

  • openssl req -text -noout -verify -in domain.csr

Command to check Certificate content

  • openssl x509 -text -noout -in domain.crt

Command to check private key is valid or not

  • openssl rsa -check -in domain_name.key

Comments

  1. Thanks for sharing command for checking CSR and private key are same or not, its really useful for me.

    ReplyDelete

Post a Comment

Popular posts from this blog

Multiple instances of redis

In the last post I have covered how to install redis server on Centos/Rhel using rpm method and yum method and some troubleshooting skills. In this post i am going to cover how to install and configure redis to run with multiple ports.                                                                           But why we need more ports ? If you have read my earlier post , you already know that by default redis runs on single port 6379, which any one can use it for small website to cache the data. But for heavy website like magento we need to use additional ports along with 6379 to serve different cache from different ports. Like in Magento there is simple cache which is normally stored under /var/cache directory. Then there is Full Page Cache which is stored under /var/full_page_cache...

arbtd: Package isn't signed with proper key

  If you are System Admin and worked on linux machine or servers in your current job or in past. Chances are you might come across linux service abrtd, even if you have not worked on it. but might be through some other work. same thing happened to me, while I was doing my regular work of installing php packages on linux  servers , i came across this error for which spent couple of hours actually to resolve it. T he error was 

Resolving IP SKU Requirements When Adding Azure VMs to Load Balancers

When it comes to configuring Azure Virtual Machines (VMs) within a Load Balancer (LB) environment, there are essential requirements that need to be addressed to ensure optimal performance and reliability. One common challenge faced by Azure users is the necessity of configuring IP SKUs correctly. In this blog post, we'll explore this requirement, its importance, and provide a solution to address it effectively. Understanding the IP SKU Requirement   The IP SKU (Service Key Update) requirement plays a pivotal role in the proper functioning of your Azure infrastructure, particularly within the context of Load Balancers. Here's what you need to know : IP Should Be in Standard SKU When adding Azure VMs to a Load Balancer, it's highly recommended to utilize public IP addresses configured with the Standard SKU. The Standard SKU offers an array of advanced capabilities, including enhanced traffic management and load balancing options. By using Standard SKU, you ensure a higher deg...