PHP Script to verify private key matches SSL certificate?
OpenSSL command can be used to verify if an SSL certificate matches a private key file. You need to find the checksum for the SSL certificate and Private key, if both checksums are the same, then the key matches.
To make this process easier, I created a PHP script to verify if the SSL certificate matches the private key provided.
Create a file
1 2 |
mkdir ~/bin/ vi ~/bin/ssl-verify |
Add following content
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 |
#!/usr/bin/php <?php # Author: Yujin Boby # Web: https://serverok.in # Description: Verify SSL and Private Key matches. $currentDir = $_SERVER["PWD"]; echo "Enter name of Private Key file: \n"; $keyFileName = readline(); $keyFIlePath = $currentDir . "/" . $keyFileName; if (! file_exists($keyFIlePath)) { echo "ERROR: File not found: $keyFIlePath\n"; exit; } echo "Enter name of SSL cert file: \n"; $sslFileName = readline(); $sslFilePath = $currentDir . "/" . $sslFileName; if (! file_exists($sslFilePath)) { echo "ERROR: File not found: $sslFilePath\n"; exit; } echo "\n\n"; $cmd = "openssl rsa -modulus -noout -in '$keyFIlePath' | sha256sum"; $result = exec($cmd); $resultParts = explode(' ', $result); $keyValue = $resultParts[0]; $cmd = "openssl x509 -modulus -noout -in '$sslFilePath' | sha256sum"; $result = exec($cmd); $resultParts = explode(' ', $result); $sslValue = $resultParts[0]; echo "Key checksum = $keyValue\n"; echo "SSL checksum = $sslValue\n"; echo "\n"; if ($keyValue != $sslValue) { echo "ERROR: SSL and Private Key don't match"; } else { echo "SSL and Key match"; } echo "\n\n"; |
Make it executable
1 |
chmod 755 ~/bin/ssl-verify |
To verify an SSL and key file, go to the folder where the SSL certificate and key file are present, then run the command
1 |
ssl-verify |