Useful openssl commands

Posted on November 1, 2012 12:41 am by scott Comment

View certificate attributes, such as common name (domain name), subject alternate name, issued by, expiry date, issued to, etc.

openssl x509 -in cert.crt -noout -text

Check certificate and key match (no output indicates a match):

diff < (openssl x509 -in certificate.crt -noout -modulus) <(openssl rsa -in privatekey.key -noout -modulus)

Manually check certificate and key match

openssl x509 -in certificate.crt -noout -modulus
openssl rsa -in privatekey.key -noout -modulus

If the resultant strings match, the certificate and key match.

Here is a another way which results in a smaller output to compare:

openssl x509 -in certificate.crt -noout -modulus|openssl md5
openssl rsa -in privatekey.key -noout -modulus|openssl md5

Sample output:

$ openssl x509 -in certificate.crt -noout -modulus|openssl md5
9fd6d809335574aa474037952ac485aa
$ openssl rsa -in privateKey.key -noout -modulus|openssl md5
9fd6d809335574aa474037952ac485aa

This entry was posted in Linux and tagged assymetric encryption, HTTPS, openssl, SSL, TLS. Bookmark the permalink.

Always Geeky

Useful openssl commands

Leave a ReplyCancel reply

Useful openssl commands

Share this:

Leave a ReplyCancel reply