Solved

How to make sure that a certificate and a private key match together?

Posted on 2009-07-02
6
298 Views
Last Modified: 2012-05-07
Hello,

I have a signed certificate and a private key, how to check if they match with openssl in Wndows enviroinment?

TIA!
0
Comment
Question by:U4enik
  • 3
  • 3
6 Comments
 
LVL 5

Expert Comment

by:JohnmenZ
Comment Utility
This link gives you commands to do what you want: http://kb.wisc.edu/middleware/page.php?id=4064

Those commands should work in a Windows installation of OpenSSL.
0
 

Author Comment

by:U4enik
Comment Utility
autocompare doesn't work in Windows, and I don't really understand what numbers to compare
0
 
LVL 5

Accepted Solution

by:
JohnmenZ earned 500 total points
Comment Utility
Can you get outputs from these two commands:

$ openssl x509 -noout -text -in server.crt
$ openssl rsa -noout -text -in server.key

If so, look into the "modulus" part of the outputs, they are match each other, otherwise the key is not for the certificate.
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 

Author Comment

by:U4enik
Comment Utility
00:b6:9e:3b:75:4d:f2:12:4b:43:a1:aa:64:79:41:
                    f3:dd:bd:b6:bf:14:bb:05:3f:72:ed:12:c6:d2:5e:
                    9c:72:2c:52:35:93:30:a5:5c:0f:e8:1c:ce:32:ea:
                    7a:61:f8:85:dc:82:50:ef:7e:f2:ab:b1:7a:31:05:
                    76:73:cb:20:8b:af:dc:d0:5b:dd:1a:26:ab:46:e3:
                    3e:0e:e1:a3:01:41:bc:d5:2f:60:08:d5:2f:12:3b:
                    7c:20:5b:3a:2e:66:cd:42:40:72:52:53:52:93:e3:
                    b2:2f:bd:74:08:fd:57:ca:58:34:b4:96:b0:ed:26:
                    ed:a4:f7:63:d1:2b:02:83:11

And

00:dc:15:6c:81:e7:e1:c6:ad:ef:42:e9:47:f1:20:
    83:cf:85:a4:df:8c:26:b1:00:37:54:e5:b4:e0:bb:
    8d:a8:d1:9f:1f:a4:29:7c:08:4f:c5:38:97:b0:bf:
    ea:80:81:91:90:d3:00:8f:e6:c2:29:e1:66:6a:ed:
    08:e1:90:10:4d:77:37:7d:01:8a:cc:e3:46:16:ab:
    3b:4f:99:c8:61:85:59:87:1f:7a:47:4e:bb:e1:47:
    6c:30:c8:e0:d1:fc:01:ed:8e:e4:e2:fe:a4:a1:48:
    73:18:e7:d8:76:36:d6:e7:7c:6a:1c:e8:5d:25:11:
    04:69:5e:94:ec:f3:51:28:b5

So, this is a wrong key, right?
0
 
LVL 5

Expert Comment

by:JohnmenZ
Comment Utility
From what I can see, yes.  But just be sure, you can try the commands on a known matched certificate and key to confirm you are not looking into the wrong place.
0
 

Author Comment

by:U4enik
Comment Utility
Superb!
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

#SSL #TLS #Citrix #HTTPS #PKI #Compliance #Certificate #Encryption #StoreFront #Web Interface #Citrix XenApp
You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now