Keys and certificates must match. Use this guide to help with running the openssl modulus command in a linux environment.
The values should match for both key, csr, and certificate.
Let’s print the values of the modulus of the Private Key, the SSL Certificate and the CSR with the conversion of them to md5 hashes to make the comparison more convenient.
Print the md5 hash of the SSL Certificate modulus:
$ openssl x509 -noout -modulus -in localhost.crt | openssl md5
Print the md5 hash of the CSR modulus:
$ openssl req -noout -modulus -in request.csr | openssl md5
Print the md5 hash of the Private Key modulus:
$ openssl rsa -noout -modulus -in localhost.key | openssl md5
If the md5 hashes are the same, then the files (SSL Certificate, Private Key and CSR) are compatible.
