How to verify the modulus of the CSR,Private Key and Certificate

To verify that a private key matches its certificate we need to compare their modulus.

First move to the directory,where you placed your SSL certificate.

ls

1

To view the modulus of the CSR, use the following command:

openssl req -noout -modulus -in rbgeek_com.csr | openssl md5

2Note: Please replace rbgeek_com.csr with your csr file

Next, to view the modulus of the Private Key, use the following command:

openssl rsa -noout -modulus -in rbgeek_com.key | openssl md5

3

The output of these commands are identical, which means that the Private Key was created using the supplied CSR.

Next, to view the modulus of the SSL Certificate, use the following command:

openssl x509 -noout -modulus -in rbgeek_com.crt | openssl md5

4

If everything matches (same modulus), the files are compatible.

To verify the bundle certificate with the ssl certificate, use the following command:

openssl verify -CAfile rbgeek_com.ca-bundle rbgeek_com.crt

5

OK indicate that the bundle certificate is compatible with SSL certificate.

EXTRA INFO: 

If we have CARoot certificate and chain certificate then we can create a bundle from it like this:

touch rbgeek_com.ca-bundle
cat rbgeekCARoot.crt >> rbgeek_com.ca-bundle
cat rbgeekServerCA.crt >> rbgeek_com.ca-bundle

Check the bundle file that it’s format is correct.

cat rbgeek_com.ca-bundle

Then verify it:

openssl verify -CAfile rbgeek_com.ca-bundle rbgeek_com.crt

Enjoy :-)

Hope this will help you!

Please Remember me in your prayers!

About these ads

One response to “How to verify the modulus of the CSR,Private Key and Certificate

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 118 other followers

%d bloggers like this: