look at certs!

openssl: check a private key

openssl rsa -in privateKey.key -check

openssl: check a certificate

This will print out the details.

openssl x509 -in certificate.crt -text -noout

openssl: check the subject in a certificate

Show just the subject of the certificate.

openssl x509 -noout -subject -in certificate.crt

keytool: check expiration

java yay

keytool -list -v -keystore keystore.jks

openssl: check key file

openssl rsa -in file.key -check

openssl: check modulus of both key and certificate

If these don’t match, the key and cert don’t belong together.

openssl rsa -modulus -noout -in file.key | openssl md5
openssl x509 -modulus -noout -in file.crt | openssl md5