2009/10/01

check ssl private key and public key are matched

This is a tough question. How can I verify a SSL private key (e.g server.key) and a public key (e.g. server.crt) are matched. The steps are :

#openssl x509 -noout -text -in server.crt

Look for the string of modulus which is 1024 bit and then

#openssl rsa -noout -text -in server.key

Again, look for the string of modulus which should match exactly that of the previous step for the public key.

A sample of the modulus of my server certificate is as follows:

Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:a9:47:4f:dc:2d:20:4d:90:50:40:d5:e5:8c:09:
f3:fb:ca:03:b3:4c:aa:7d:29:b9:37:fb:cc:01:a4:
87:1a:3a:72:0c:c4:fd:7a:35:a0:2d:14:13:63:4c:
a9:16:0b:52:c7:ef:67:ee:29:cc:a5:29:4d:8d:b7:
eb:0f:52:35:11:12:2c:9e:a6:53:6b:d9:80:5b:da:
ba:1b:91:29:2e:08:7b:97:a3:73:bf:77:b1:50:dc:
75:14:d4:42:c2:4b:a4:5b:68:a2:22:bc:d7:72:97:
42:95:ed:a0:32:7d:bf:29:53:12:9a:ea:f0:97:6f:
d2:c8:95:8a:c6:a4:6d:23:59
Exponent: 65537 (0x10001)

No comments: