Checking certificates and keys
Checking Using OpenSSL
If you need to check the information within a Certificate, CSR or Private Key, use these commands. You can also check CSRs and check certificates using our online tools.
- Check a Certificate Signing Request (CSR)
- openssl req -text -noout -verify -in CSR.csr
- Check a private key
- openssl rsa -in privateKey.key -check
- Check a certificate
- openssl x509 -in certificate.crt -text -noout
- Check a PKCS#12 file (.pfx or .p12)
- openssl pkcs12 -info -in keyStore.p12
- Check the fingerprint of a certificate.
- Get SHA-1 fingerprint:
-
- openssl x509 -noout -in certificate.pem -fingerprint -sha1
- openssl x509 -noout -in certificate.pem -fingerprint -sha1
-
- Get SHA-1 fingerprint:
-
- Get SHA-256 fingerprint:
-
- openssl x509 -noout -in certificate.pem -fingerprint -sha256
- openssl x509 -noout -in certificate.pem -fingerprint -sha256
-
- Get SHA-256 fingerprint:
You can check if an SSL certificate matches a Private Key by using the 2 easy commands below.
-
-
-
- For your SSL certificate: openssl x509 -noout -modulus -in <file>.crt | openssl md5
- For your RSA private key: openssl rsa -noout -modulus -in <file>.key | openssl md5
- For your SSL certificate: openssl x509 -noout -modulus -in <file>.crt | openssl md5
-
-