First move to the directory,where you placed your SSL certificate.
ls
To view the modulus of the CSR, use the following command:
openssl req -noout -modulus -in rbgeek_com.csr | openssl md5
Note: Please replace rbgeek_com.csr with your csr fileNext, to view the modulus of the Private Key, use the following command:
openssl rsa -noout -modulus -in rbgeek_com.key | openssl md5
The output of these commands are identical, which means that the Private Key was created using the supplied CSR.
Next, to view the modulus of the SSL Certificate, use the following command:
openssl x509 -noout -modulus -in rbgeek_com.crt | openssl md5
If everything matches (same modulus), the files are compatible.
To verify the bundle certificate with the ssl certificate, use the following command:
openssl verify -CAfile rbgeek_com.ca-bundle rbgeek_com.crt
OK indicate that the bundle certificate is compatible with SSL certificate.
EXTRA INFO:
If we have CARoot certificate and chain certificate then we can create a bundle from it like this:
touch rbgeek_com.ca-bundle
cat rbgeekCARoot.crt >> rbgeek_com.ca-bundle
cat rbgeekServerCA.crt >> rbgeek_com.ca-bundle
Check the bundle file that it’s format is correct.
cat rbgeek_com.ca-bundle
Then verify it:
openssl verify -CAfile rbgeek_com.ca-bundle rbgeek_com.crt
Enjoy
Hope this will help you!
No comments:
Post a Comment