OpenSSL commands to check and verify your SSL certificate, key and CSR

Question & Answer

Question

Answer

Description

It can be useful to check a certificate and key before applying them to your server. The following commands help verify the certificate, key, and CSR (Certificate Signing Request).

Check a certificate:

Check a certificate and return information about it (signing authority, expiration date, etc.)

openssl x509 -in server.crt -text -noout

Check a key:

Check the SSL key and verify the consistency

openssl rsa -in server.key -check

Check a CSR:

Verify the CSR and print CSR data filled in when generating the CSR

openssl req -text -noout -verify -in server.csr

Verify a certificate and key matches

These two commands print out md5 checksums of the certificate and key; the checksums can be compared to verify that the certificate and key match.

openssl x509 -noout -modulus -in server.crt| openssl md5
openssl rsa -noout -modulus -in server.key| openssl md5

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS8NDZ","label":"IBM Aspera"},"Component":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]

Tips

OpenSSL commands to check and verify your SSL certificate, key and CSR

Question & Answer

Question

Answer

Description

Check a certificate:

Check a key:

Check a CSR:

Verify a certificate and key matches

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?