openssl x509 -in filename.crt -modulus -noout | openssl md5 openssl rsa -in filename.key -modulus -noout | openssl md5
If you want to be ambitious, verify the certificates date ranges as well
openssl x509 -in filename.crt -dates -noout
Friday, June 7, 2013
Verifying that a SSL Certificate matches a Key
When configuring SSL under apache, if an error is made, Apache is unlikely to start. This can be a bit of a problem. So when a non-technical person provides you with CRT/KEY and you are expected to install that pair into Apache, while incurring minimal downtime, it can be useful to check the pairs validity before starting. The relevant portion of the key/crt pair is the modulus. It can be checked using the commandline openssl tools.
If you want to be ambitious, verify the certificates date ranges as well
If you want to be ambitious, verify the certificates date ranges as well
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment