Renewing an SSL certificate is usually straight forward. But sometimes you’re not sure which CSR to use. Or if you need to generate a new CSR, which SSL key. Here are the commands I use to verify the certificate related files:
openssl x509 -noout -modulus -in mydomain.crt | openssl md5
openssl rsa -noout -modulus -in mydomain.key | openssl md5
openssl req -noout -modulus -in mydomain.csr | openssl md5
The MD5 hash should match.
You could use a bash script to search a directory for a specific MD5 hash. For example:
for f in $(ls $SOMEDIR); do echo $f; openssl x509 -noout -modulus -in $SOMEDIR$f | openssl md5 | grep "MYMD5HASH"; done
I guess the above could use some work 🙂
for the CLI-phobics check out this certificate key matcher
No Comments
You can leave the first : )