OpenSSL: Check if a certificate belongs to a private key
if you want to check if a certificate has it s origin in a specific private key respectively the signing request use the following openssl commands:
This shows all details of the key and certificate:
root@debdev ~# openssl x509 -noout -text -in yourserver.crt
root@debdev ~# openssl rsa -noout -text -in yourserver.key
The interesting parts are the modulus and the public exponent section where the public exponent is usually 65537 so it can be ignored.
root@debdev ~# openssl x509 -noout -modulus -in yourserver.pem | md5sum
root@debdev ~# openssl rsa -noout -modulus -in yourserver.key | md5sum
The output of both commands must match.