Certificate Key Matcher
You can use this Certificate Key Matcher to check whether a private key matches a certificate or whether a certificate matches a certificate signing request (CSR). When you are dealing with lots of different certificates it can be easy to lose track of which certificate goes with which private key or which CSR was used to generate which certificate. The Certificate Key Matcher tool makes it easy to determine whether a private key matches or a CSR matches a certificate.
The Certificate Key Matcher simply compares an md5 hash of the private key modulus, the certificate modulus, or the CSR modulus and tells you whether they match or not. You can check whether a certificate matches private key, or a CSR matches a certificate on your own computer by using the OpenSSL commands below:
openssl x509 -noout -modulus -in certificate.crt | openssl md5
openssl rsa -noout -modulus -in privateKey.key | openssl md5
openssl req -noout -modulus -in CSR.csr | openssl md5
Your private key is intended to remain on the server. While we try to make this process as secure as possible by using SSL to encrypt the key when it is sent to the server, for complete security, we recommend that you manually check the modulus of the private key on your server using the OpenSSL commands above.