Look at certs!¶
Check a private key¶
openssl rsa -in privateKey.key -check
Check a certificate¶
openssl x509 -in certificate.crt -text -noout
Check the subject in a certificate¶
openssl x509 -noout -subject -in certificate.crt
Check expiration with keytool¶
keytool -list -v -keystore keystore.jks
Check key file¶
openssl rsa -in file.key -check
Check modulus of both key and certificate¶
If these don’t match, the key and cert don’t belong together.
openssl rsa -modulus -noout -in file.key | openssl md5
openssl x509 -modulus -noout -in file.crt | openssl md5