Checking Validity of a Private Key, CSR and Certificate

If you’re working with a certificate and need a means to check if the combination of the private key, CSR and certificate are all matching, you can run the following OpenSSL commands:

To check the private key:

openssl rsa -modulus -noout -in YOUR_KEY.pem | openssl md5

To check the CSR:

openssl req -noout -modulus -in YOUR_CSR.csr | openssl md5

To check the certificate:

openssl x509 -modulus -noout -in CERTIFICATE.crt | openssl md5

With each of these commands, you will have a value generated besides the (stdin) declaration, which needs to match across all of the different types to show compatibility.