I have an OpenSSl certificate. I also need the private key. I was told it is located somewhere on the server, and true enough, I found multiple SSL key files.
Before I try them all by brute force: Is there a way I can find out on terminal if a private key was used to create the certificate?
The classic reference for this is this FAQ in the online Apache docs.
In that document, an
md5
of the modulus is used becauseThis gives:
I'm proposing the use of process substitution to avoid visual comparison of the modulus:
If the output is empty, the private key matches the certificate.
This is just a more convenient way to compare the strings than the one in Andrew Schulman's answer, which is, of course, also valid.
Another reference here.
To check that a certificate file certifies the public key associated with a given private key file, compare the public keys associated with each:
The certificate and private key are matched if and only if the public keys are identical.