Jump to content
wildweaselmi

F5 Verify SSL cert and key

Recommended Posts

The following command line procedure uses the md5sum and openssl utilities to simplify comparison:

  1. Log in to the command line.
  2. To calculate the md5 checksum of the modulus of the key in question, use the following command syntax:
    1. openssl rsa -in /config/ssl/ssl.key/<key_name>.key -modulus -noout | openssl md5
    2. Note: Replace <key_name> with the name of the SSL key file.
    3. For example:
    4. openssl rsa -in /config/ssl/ssl.key/default.key -modulus -noout | openssl md5
    5. The command displays the md5 checksum of the modulus of the key. The checksum is displayed as a 32-character hexadecimal string, which appears similar to the following example:
    6. d5eddbb45275a3378dff01cb70868136
  3. To calculate the md5 checksum of the modulus of the certificate in question, use the following command syntax:
    1. openssl x509 -in /config/ssl/ssl.crt/<cert_name>.crt -modulus -noout | openssl md5
    2. Note: Replace <cert_name> with the name of the SSL certificate file.
    3. For example:
    4. openssl x509 -in /config/ssl/ssl.crt/default.crt -modulus -noout | openssl md5
    5. The command displays the md5 checksum of the modulus of the certificate. The checksum is displayed as a 32 character hexadecimal string, which appears similar to the following example:
    6. b453c4304edec9cee0457a18bdb9f601
  4. Compare the output of the commands. If the output from both commands is the same, the certificate and private key are a matching pair. If the output does not match, the certificate and key are not a pair.

Note: In the command and output examples used in this article, the checksums do not match; therefore, the certificate and key are not a pair.

 

Share this post


Link to post
Share on other sites

×
×
  • Create New...