If you are managing many of sites and their respective SSL certs, some times ,we come across a situation where we messed up with SSL certs and their CSR and private keys,
Where we do not know, which private key belongs to which Cert and which private key belongs to which CSR.
This happen only if proper management of keeping SSL files are not in used
after all we are all human being ,who do mistakes :) right ?
so, here on this page I will tell you , how to check which cert belongs to which private key and which CSR belongs to which private key , and that is only using openssl command on the terminal itself, after all we are love linux terminal :)
So , here it is,
Where we do not know, which private key belongs to which Cert and which private key belongs to which CSR.
This happen only if proper management of keeping SSL files are not in used
after all we are all human being ,who do mistakes :) right ?
so, here on this page I will tell you , how to check which cert belongs to which private key and which CSR belongs to which private key , and that is only using openssl command on the terminal itself, after all we are love linux terminal :)
So , here it is,
- openssl rsa -noout -modulus -in mydomain.key | openssl md5
- openssl req -noout -modulus -in mydomain.csr | openssl md5
- openssl x509 -noout -modulus -in domain.crt | openssl md5
If you find the output of all command identical ,high probability is that all files i.e private key ,csr and certificate are matches with each other.
Also , below are some other useful openssl commands
Command to check CSR content
- openssl req -text -noout -verify -in domain.csr
Command to check Certificate content
- openssl x509 -text -noout -in domain.crt
Command to check private key is valid or not
- openssl rsa -check -in domain_name.key
Thanks for sharing command for checking CSR and private key are same or not, its really useful for me.
ReplyDeleteStay in touch there is more to come :)
ReplyDelete