When managing multiple private and public keys, it can be easy to lose track of which private key belongs to which public key. Verifying the match between a private key and its corresponding public key is essential to avoid configuration errors. This tutorial explains how to check if the private key matches the public key using OpenSSL.
Suppose we have the following private key (test.key) and public key (test.pub):
-----BEGIN PRIVATE KEY-----
MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEA3+i8CaGg06cTZWgl
5S6ekQH4LBPI9sojxWdD6strvmuIG2Z9isZ1QPwK/+n6KgvzrHBK9f4dheeQ998R
dzsiVQIDAQABAkA3eyS0wj7mkvykYPUa371csv86dMCUHixU6qySjkspSGcvdqNQ
UuAfRJ97n8m8wkNSHhF2HIWH2lPdC/MsZX/VAiEA8QLAZXzsUiEIQ04enLZRq0cv
YkD8mLyXVpT56ZrdEDsCIQDt1bMedIH1kCcAvg4PHAugXw1NeJSvpOpUqOyPwmB+
rwIhAJDhq5EW4OWaT+JOAt8IRt4k49o34OFcdcmpsvZ4jy3jAiA7n+2N3wuNspv0
lbEUnKVViT7egzJTbnbIzqivyb1DRQIhAKbr3cYY4mk0HKFQg3oEhWi2stSPulYz
KNkxLcXmqXjr
-----END PRIVATE KEY-----
-----BEGIN PUBLIC KEY-----
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAN/ovAmhoNOnE2VoJeUunpEB+CwTyPbK
I8VnQ+rLa75riBtmfYrGdUD8Cv/p+ioL86xwSvX+HYXnkPffEXc7IlUCAwEAAQ==
-----END PUBLIC KEY-----
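An RSA private key and its matching public key share the same modulus. The MD5 hash is used here only as a short fingerprint that is easier to compare by eye than the full modulus. Use the following command to display the MD5 hash of the private key modulus: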
openssl rsa -noout -modulus -in test.key | openssl md5
Next, display the MD5 hash of the public key modulus:
openssl rsa -pubin -noout -modulus -in test.pub | openssl md5
In this example, both commands produce the same MD5 hash, indicating that the private key matches the public key:
(stdin)= 49ca6d1ddd0e407f0a3a9065cbc41702
The meaning of the options:
-noout - indicates that the output should not include an encoded representation of the private or public key.
-modulus - displays the modulus value.
-pubin - reads a public key instead of a private key.
-in test.key - indicates the filename from which to read the private key.
-in test.pub - indicates the filename from which to read the public key.
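The two commands above can be wrapped in a script that compares the moduli directly and reports an error when either file cannot be parsed. This is an added example, not part of the original tutorial; the function names, the --selftest switch and the temporary file names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original tutorial): compare RSA moduli directly
# and fail closed when a file cannot be parsed.

# Print "Modulus=<hex>" for an RSA key. $1 = file, $2 = "pub" or "priv".
rsa_modulus() {
    if [ "$2" = "pub" ]; then
        openssl rsa -pubin -noout -modulus -in "$1" 2>/dev/null
    else
        openssl rsa -noout -modulus -in "$1" 2>/dev/null
    fi
}

# $1 = private key file, $2 = public key file.
# Returns 0 = match, 1 = mismatch, 2 = a file could not be read as an RSA key.
rsa_pair_matches() {
    priv_mod=$(rsa_modulus "$1" priv) || return 2
    pub_mod=$(rsa_modulus "$2" pub) || return 2
    # Without this guard, two unreadable files would both yield empty output,
    # and hashing empty output on each side gives the same digest.
    [ -n "$priv_mod" ] && [ -n "$pub_mod" ] || return 2
    [ "$priv_mod" = "$pub_mod" ]
}

# Constructed demo: throwaway keys in a temp dir (file names are made up).
# Prints the three return codes: matching pair, wrong pair, empty file.
selftest() {
    d=$(mktemp -d) || return 2
    openssl genrsa -out "$d/a.key" 2048 2>/dev/null
    openssl genrsa -out "$d/b.key" 2048 2>/dev/null
    openssl rsa -in "$d/a.key" -pubout -out "$d/a.pub" 2>/dev/null
    : > "$d/empty.pub"
    r1=0; rsa_pair_matches "$d/a.key" "$d/a.pub" || r1=$?
    r2=0; rsa_pair_matches "$d/b.key" "$d/a.pub" || r2=$?
    r3=0; rsa_pair_matches "$d/a.key" "$d/empty.pub" || r3=$?
    rm -rf "$d"
    echo "$r1 $r2 $r3"
}

if [ "${1:-}" = "--selftest" ]; then selftest; fi
```

After sourcing the file, rsa_pair_matches test.key test.pub returns 0 for the key pair shown in this tutorial.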