Reset Search



How To Verify If My SSL Certificate, Private Key, and CSR Match

« Go Back


TitleHow To Verify If My SSL Certificate, Private Key, and CSR Match
Verify that the process involved in updating NAC's Captive Portal, RADIUS, and Internal Communications certificates are done so with the applicable private key, which in turn, matches the CSR, as well as the certificate generated by the Certificate Authority (CA).
All NAC platforms

1.  SSH into the NAC appliance and migrate to the directory where the private key, CSR, and certificate are located.

2.  Types these commands:

openssl x509 -noout -modulus -in certificate.crt | openssl md5
openssl rsa -noout -modulus -in privatekey.key | openssl md5
openssl req -noout -modulus -in naccsr.csr | openssl md5

(Be sure to replace "certificate.crt", privatekey.key", and "naccsr.csr" with your filenames, for the above commands to be accurate.)

3.  Verify that the resulting MD5 checksum matches in the output of all of the commands.

Example:$ openssl x509 -noout -modulus -in nac.crt | openssl md5
(stdin)= ba23f0de2fb05f98b17bcb86d876970d$  openssl rsa -noout -modulus -in server.key | openssl md5
Enter pass phrase for server.key:
(stdin)= ba23f0de2fb05f98b17bcb86d876970d$  openssl req -noout -modulus -in server.csr | openssl md5
(stdin)= ba23f0de2fb05f98b17bcb86d876970d

Additional notes



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255