To view the md5 hash of the modulus of the private key:
$ openssl rsa -noout -modulus -in mykey.key | openssl md5
To view the md5 hash of the modulus of the CSR:
$ openssl req -noout -modulus -in mycsr.csr | openssl md5
To view the md5 hash of the modulus of the certificate:
$ openssl x509 -noout -modulus -in mycert.crt | openssl md5
If all three hashes match, the CSR, certificate, and private key are compatible. You can use
diff3
to compare the moduli from all three files at once:
$ openssl req -noout -modulus -in mycsr.csr > csr-mod.txt
$ openssl x509 -noout -modulus -in mycert.crt > cert-mod.txt
$ openssl rsa -noout -modulus -in mykey.key > privkey-mod.txt
$ diff3 csr-mod.txt cert-mod.txt privkey-mod.txt
If all three files are identical,
diff3
will produce no output.
No comments:
Post a Comment