Hi,

if you want to check if a certificate has it s origin in a specific private key respectively the signing request use the following openssl commands:

This shows all details of the key and certificate:

root@debdev ~# openssl x509 -noout -text -in yourserver.crt
root@debdev ~# openssl rsa -noout -text -in yourserver.key


The interesting parts are the modulus and the public exponent section where the public exponent is usually 65537 so it can be ignored.


root@debdev ~# openssl x509 -noout -modulus -in yourserver.pem | md5sum
root@debdev ~# openssl rsa -noout -modulus -in yourserver.key | md5sum


The output of both commands must match.

Michael