Check if Private Key Was Used for SSL Certificate Generation

PUBLISHED ON 21/03/2018 — EDITED ON 08/10/2019 — SYSOPS

Intro & Outro

To find out if some private key was used to generate new certificate request, you can use the following commands and compare the hashes.

openssl pkey -in privateKey.key -pubout -outform pem | sha256sum 
openssl x509 -in certificate.crt -pubkey -noout -outform pem | sha256sum 
openssl req -in CSR.csr -pubkey -noout -outform pem | sha256sum


On macOS you can replace sha256sum with shasum -a 256.

See Also