Check whether a private key matches a certificate or whether a certificate matches a certificate signing request (CSR). If you are receiving an error that the private doesn’t match the certificate or that a certificate that you installed to a site is not trusted, try one of these commands. Check an MD5 hash of the public key to ensure that it matches with what is in a CSR or private key.
root# openssl x509 -noout -modulus -in certificate.crt | openssl md5
root# openssl rsa -noout -modulus -in privatekey.key | openssl md5
root# openssl req -noout -modulus -in csr.csr | openssl md5
For example:
root# openssl req -noout -modulus -in just4testcert_req.csr | openssl md5
(stdin)= 61c59f9a9ddddc032e56fe2e46a91409
root# openssl rsa -noout -modulus -in just4test_server.key | openssl md5
(stdin)= 61c59f9a9ddddc032e56fe2e46a91409