![openssl read certificate openssl read certificate](https://becomethesolution.com/images/easyblog_articles/254/b2ap3_thumbnail_openssl-windows-create-certificate.png)
Print the md5 hash of the SSL Certificate modulus: $ openssl x509 -noout -modulus -in CERTIFICATE.crt | openssl md5 Let’s print the values of the modulus of the Private Key, the SSL Certificate and the CSR with the conversion of them to md5 hashes to make the comparison more convenient. … key values mismatch: Your Private Key and SSL Certificate must contain the same modulus, otherwise the web-server won’t start. So if you got the similar error – it is time to check whatever your Private Key matches the SSL Certificate by comparing their modulus. If you are using either the incorrect Private Key or the SSL Certificate – you will receive an error as follows: Unable to configure RSA server Private Key SSL Library Error: x509 certificate routines:X509_check_private_key:key values mismatch. OpenSSL stores the modulus in the Private Key, as well as in the CSR and therefore in the SSL Certificate itself. When you create a Private Key and CSR to obtain an SSL Certificate, OpenSSL generates some internal data called a modulus.
![openssl read certificate openssl read certificate](https://newsbook485.weebly.com/uploads/1/2/5/8/125873709/968717450.png)
To make sure that the files are compatible, you can print and compare the values of the SSL Certificate modulus, the Private Key modulus and the CSR modulus.Ĭool Tip: Check the expiration date of the SSL Certificate from the Linux command line! The fastest way! Read more → Check Compatibility Or, for example, which CSR has been generated using which Private Key.įrom the Linux command line, you can easily check whether an SSL Certificate or a CSR match a Private Key using the OpenSSL utility. When you are dealing with lots of different SSL Certificates, it is quite easy to forget which certificate goes with which Private Key.