Answer the question
In order to leave comments, you need to log in
M
M
Mortech2020-10-13 21:48:46
Mortech, 2020-10-13 21:48:46
How to check if SSL certificates are correct? Are all files available for installation?
There are two files (two chairs) cert.perm and ssl_key.perm. In the second, only private key (judging by the output with the key, everything is in order, since RSA KEY is ok), which in the first and second brought out under the spoiler. Are these two files enough to install an ssl certificate on a site? And how exactly to check them correctly? (And the first file). Also, under the third spoiler, a comparison of hashes (I read that if they match, then we can assume that we can live)
spoiler
openssl x509 -in cert.pem -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:5b:0c:01:f9:81:68:7f:30:8e:68:76:03:da:de:69:ac:bf:a9:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = RU, ST = Sizran, L = Sizran, O = JKH, CN = somedomain.com
Validity
Not Before: Oct 13 10:30:33 2020 GMT
Not After : Oct 13 10:30:33 2021 GMT
Subject: C = RU, ST = Sizran, L = Sizran, O = JKH, CN = somedomain.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
00:cc:6e:be:86:15:be:7f:e5:8f:ee:ec:d4:c0:55:
fa:5b:87:a0:a5:d3:bb:0f:90:60:0d:d4:6a:23:c3:
bb:4c:81:7c:10:14:58:16:84:06:f9:a8:70:dc:d6:
f6:c6:37:67:c4:91:bf:6f:f8:1e:46:4a:ce:fd:09:
47:39:8d:cd:08:d6:f9:17:08:f3:12:3a:6b:70:98:
4c:3a:7a:a1:4f:bb:05:20:7b:52:4c:7a:bf:f9:10:
69:1b:c8:54:05:3b:9a:24:d9:ea:d4:72:dc:fc:f9:
55:4f:c1:c5:26:43:c8:02:e9:41:8d:1a:4f:d9:67:
1e:af:86:c0:65:71:40:06:35:45:e8:a0:ef:96:40:
c8:36:ca:00:9f:26:3c:73:5e:74:56:d8:75:54:81:
e3:ad:27:00:8b:c7:bd:6b:30:19:b2:a3:1c:cf:b3:
62:5c:35:15:7e:66:fc:20:d0:c8:e5:41:aa:ae:5a:
1e:2c:0c:21:37:47:0e:8c:16:b0:67:ba:dd:3b:e6:
1b:e9:69:2d:6d:77:8e:98:fa:d5:7b:9d:7e:f4:12:
94:fb:d6:49:d7:6f:e1:19:7e:fd:15:1f:73:72:a1:
c8:c8:18:f9:9b:fc:27:b3:3a:9d:55:6a:14:10:2f:
f8:66:29:25:d2:ba:bd:c9:1f:ea:d3:75:ce:df:a9:
38:48:c2:be:12:17:4f:5c:11:f3:5b:9a:1b:6e:bb:
fe:74:3c:a1:4c:9a:98:c2:14:45:20:f1:02:52:52:
35:35:be:d5:93:2d:23:d7:10:87:ef:ff:be:79:32:
96:91:46:4d:4f:c5:4b:01:16:9e:ea:44:4a:cc:a1:
30:8a:77:fa:cf:df:8f:89:8e:8f:09:80:41:85:42:
01:7a:c3:52:32:82:a3:77:96:7f:61:b1:3f:f0:58:
b3:86:7c:5f:5a:42:a3:99:f9:bf:c1:83:0c:3c:a1:
0c:cd:a8:58:c8:48:3d:99:c1:62:ec:50:d0:e5:bb:
5d:44:4e:2c:4e:8a:6e:b2:65:37:8d:f0:03:8c:ee:
87:58:dc:83:b5:da:46:9c:a4:e9:18:84:53:45:dc:
58:f5:bd:8f:1a:a2:f5:f6:2e:c0:fd:47:09:59:cf:
d9:01:47:01:76:d0:98:d6:64:b1:9e:93:15:36:20:
65:e2:0e:59:1c:b8:e6:97:b4:cf:20:7b:d1:84:f0:
0d:59:4f:b3:ab:cc:60:fc:ac:0b:4e:9e:e3:ac:fa:
07:4a:60:17:fd:64:51:52:9c:6b:35:bf:bf:6b:d7:
bf:30:e6:a3:78:50:3e:1d:e7:42:cd:68:dc:f0:61:
9b:41:8b:dd:f3:cb:3f:23:8c:46:68:7b:c3:02:2f:
7c:1b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:93:9C:30:DC:06:9E:1E:67:D8:50:DF:B6:22:44:A7:59:0A:22:CE
X509v3 Authority Key Identifier:
keyid:AA:93:9C:30:DC:06:9E:1E:67:D8:50:DF:B6:22:44:A7:59:0A:22:CE
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
8e:e4:c4:2e:b8:8f:3f:49:fe:a4:9d:31:b9:6a:07:6f:e7:b3:
37:fd:c0:25:5f:d6:ba:cb:c8:a2:c8:3b:10:b6:4c:b7:23:15:
87:e0:c4:60:7a:62:36:5b:40:29:63:38:4d:e1:05:f9:0d:ab:
ac:2c:73:90:af:f0:e5:3d:63:53:12:ba:4e:5f:dd:89:be:65:
1e:a1:27:58:07:00:fa:3b:0b:00:6c:82:46:32:88:5c:77:49:
26:67:a2:0f:42:0b:83:59:c6:09:a4:5c:b3:f6:92:c7:ea:77:
ac:52:b4:5d:6d:28:41:e3:06:ae:1e:1c:b4:e9:30:74:36:ab:
7a:39:e5:3f:bf:7f:ed:51:90:1e:6b:bb:fd:90:d5:06:34:85:
d1:d2:c9:88:ba:1c:e2:89:6c:8b:9f:d6:e7:73:11:fa:21:53:
fd:99:7b:ce:fa:d5:6c:8c:88:f9:73:c2:ae:56:44:9c:9a:9e:
41:98:ab:ba:b7:06:77:bd:91:c1:39:74:8d:e3:1b:d1:46:34:
03:a6:db:70:c6:0e:4c:de:cc:d5:a8:02:f5:ed:dd:47:67:b0:
9f:a1:15:c4:be:d2:da:f2:46:96:a0:41:47:c4:2b:c6:e4:0d:
a6:5c:0d:cd:27:8f:88:1e:1b:03:91:eb:5c:b3:eb:98:74:14:
40:af:70:ac:f5:17:93:6c:41:68:13:57:d9:56:92:24:4a:fb:
74:13:75:89:0f:6d:7c:cc:eb:ac:6d:ca:24:57:d4:75:eb:6b:
84:51:d3:63:5d:b6:71:e4:c5:69:cf:68:e3:e7:5a:8b:01:4d:
50:de:62:8b:78:cd:1e:28:f7:88:a0:8b:95:c5:0f:2c:96:f7:
a6:fb:34:c0:ad:d9:75:da:3f:a1:40:23:20:f8:f7:43:c3:7f:
0e:96:45:5c:53:14:4e:af:a8:88:e5:bd:60:24:d0:49:22:de:
29:ab:30:55:e8:e4:c9:8e:c2:c3:5e:16:f1:2c:fa:ce:89:98:
11:51:0f:c8:ee:31:98:88:d8:e6:f2:e3:a1:6d:ba:67:5b:de:
b3:1f:4c:7f:6c:36:a8:50:bc:7c:55:7e:c9:88:a2:8c:15:0e:
d9:b9:25:2a:32:1b:92:2e:67:8f:bd:4b:7f:ed:cb:cb:86:85:
7a:cf:61:e5:df:c7:6b:e2:c2:1f:df:d1:83:57:cf:2f:29:0b:
1a:39:ac:f3:70:97:7a:51:0c:53:29:8e:79:d3:22:95:de:61:
7c:85:1d:ee:db:55:a5:32:0c:51:ea:bf:33:1b:99:8e:ef:1a:
27:61:36:fe:55:0f:ce:15:45:a0:42:cb:1f:14:ca:f4:fc:83:
5f:4a:0c:1e:bc:0b:bb:ea
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:5b:0c:01:f9:81:68:7f:30:8e:68:76:03:da:de:69:ac:bf:a9:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = RU, ST = Sizran, L = Sizran, O = JKH, CN = somedomain.com
Validity
Not Before: Oct 13 10:30:33 2020 GMT
Not After : Oct 13 10:30:33 2021 GMT
Subject: C = RU, ST = Sizran, L = Sizran, O = JKH, CN = somedomain.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
00:cc:6e:be:86:15:be:7f:e5:8f:ee:ec:d4:c0:55:
fa:5b:87:a0:a5:d3:bb:0f:90:60:0d:d4:6a:23:c3:
bb:4c:81:7c:10:14:58:16:84:06:f9:a8:70:dc:d6:
f6:c6:37:67:c4:91:bf:6f:f8:1e:46:4a:ce:fd:09:
47:39:8d:cd:08:d6:f9:17:08:f3:12:3a:6b:70:98:
4c:3a:7a:a1:4f:bb:05:20:7b:52:4c:7a:bf:f9:10:
69:1b:c8:54:05:3b:9a:24:d9:ea:d4:72:dc:fc:f9:
55:4f:c1:c5:26:43:c8:02:e9:41:8d:1a:4f:d9:67:
1e:af:86:c0:65:71:40:06:35:45:e8:a0:ef:96:40:
c8:36:ca:00:9f:26:3c:73:5e:74:56:d8:75:54:81:
e3:ad:27:00:8b:c7:bd:6b:30:19:b2:a3:1c:cf:b3:
62:5c:35:15:7e:66:fc:20:d0:c8:e5:41:aa:ae:5a:
1e:2c:0c:21:37:47:0e:8c:16:b0:67:ba:dd:3b:e6:
1b:e9:69:2d:6d:77:8e:98:fa:d5:7b:9d:7e:f4:12:
94:fb:d6:49:d7:6f:e1:19:7e:fd:15:1f:73:72:a1:
c8:c8:18:f9:9b:fc:27:b3:3a:9d:55:6a:14:10:2f:
f8:66:29:25:d2:ba:bd:c9:1f:ea:d3:75:ce:df:a9:
38:48:c2:be:12:17:4f:5c:11:f3:5b:9a:1b:6e:bb:
fe:74:3c:a1:4c:9a:98:c2:14:45:20:f1:02:52:52:
35:35:be:d5:93:2d:23:d7:10:87:ef:ff:be:79:32:
96:91:46:4d:4f:c5:4b:01:16:9e:ea:44:4a:cc:a1:
30:8a:77:fa:cf:df:8f:89:8e:8f:09:80:41:85:42:
01:7a:c3:52:32:82:a3:77:96:7f:61:b1:3f:f0:58:
b3:86:7c:5f:5a:42:a3:99:f9:bf:c1:83:0c:3c:a1:
0c:cd:a8:58:c8:48:3d:99:c1:62:ec:50:d0:e5:bb:
5d:44:4e:2c:4e:8a:6e:b2:65:37:8d:f0:03:8c:ee:
87:58:dc:83:b5:da:46:9c:a4:e9:18:84:53:45:dc:
58:f5:bd:8f:1a:a2:f5:f6:2e:c0:fd:47:09:59:cf:
d9:01:47:01:76:d0:98:d6:64:b1:9e:93:15:36:20:
65:e2:0e:59:1c:b8:e6:97:b4:cf:20:7b:d1:84:f0:
0d:59:4f:b3:ab:cc:60:fc:ac:0b:4e:9e:e3:ac:fa:
07:4a:60:17:fd:64:51:52:9c:6b:35:bf:bf:6b:d7:
bf:30:e6:a3:78:50:3e:1d:e7:42:cd:68:dc:f0:61:
9b:41:8b:dd:f3:cb:3f:23:8c:46:68:7b:c3:02:2f:
7c:1b:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:93:9C:30:DC:06:9E:1E:67:D8:50:DF:B6:22:44:A7:59:0A:22:CE
X509v3 Authority Key Identifier:
keyid:AA:93:9C:30:DC:06:9E:1E:67:D8:50:DF:B6:22:44:A7:59:0A:22:CE
X509v3 Basic Constraints: critical
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
8e:e4:c4:2e:b8:8f:3f:49:fe:a4:9d:31:b9:6a:07:6f:e7:b3:
37:fd:c0:25:5f:d6:ba:cb:c8:a2:c8:3b:10:b6:4c:b7:23:15:
87:e0:c4:60:7a:62:36:5b:40:29:63:38:4d:e1:05:f9:0d:ab:
ac:2c:73:90:af:f0:e5:3d:63:53:12:ba:4e:5f:dd:89:be:65:
1e:a1:27:58:07:00:fa:3b:0b:00:6c:82:46:32:88:5c:77:49:
26:67:a2:0f:42:0b:83:59:c6:09:a4:5c:b3:f6:92:c7:ea:77:
ac:52:b4:5d:6d:28:41:e3:06:ae:1e:1c:b4:e9:30:74:36:ab:
7a:39:e5:3f:bf:7f:ed:51:90:1e:6b:bb:fd:90:d5:06:34:85:
d1:d2:c9:88:ba:1c:e2:89:6c:8b:9f:d6:e7:73:11:fa:21:53:
fd:99:7b:ce:fa:d5:6c:8c:88:f9:73:c2:ae:56:44:9c:9a:9e:
41:98:ab:ba:b7:06:77:bd:91:c1:39:74:8d:e3:1b:d1:46:34:
03:a6:db:70:c6:0e:4c:de:cc:d5:a8:02:f5:ed:dd:47:67:b0:
9f:a1:15:c4:be:d2:da:f2:46:96:a0:41:47:c4:2b:c6:e4:0d:
a6:5c:0d:cd:27:8f:88:1e:1b:03:91:eb:5c:b3:eb:98:74:14:
40:af:70:ac:f5:17:93:6c:41:68:13:57:d9:56:92:24:4a:fb:
74:13:75:89:0f:6d:7c:cc:eb:ac:6d:ca:24:57:d4:75:eb:6b:
84:51:d3:63:5d:b6:71:e4:c5:69:cf:68:e3:e7:5a:8b:01:4d:
50:de:62:8b:78:cd:1e:28:f7:88:a0:8b:95:c5:0f:2c:96:f7:
a6:fb:34:c0:ad:d9:75:da:3f:a1:40:23:20:f8:f7:43:c3:7f:
0e:96:45:5c:53:14:4e:af:a8:88:e5:bd:60:24:d0:49:22:de:
29:ab:30:55:e8:e4:c9:8e:c2:c3:5e:16:f1:2c:fa:ce:89:98:
11:51:0f:c8:ee:31:98:88:d8:e6:f2:e3:a1:6d:ba:67:5b:de:
b3:1f:4c:7f:6c:36:a8:50:bc:7c:55:7e:c9:88:a2:8c:15:0e:
d9:b9:25:2a:32:1b:92:2e:67:8f:bd:4b:7f:ed:cb:cb:86:85:
7a:cf:61:e5:df:c7:6b:e2:c2:1f:df:d1:83:57:cf:2f:29:0b:
1a:39:ac:f3:70:97:7a:51:0c:53:29:8e:79:d3:22:95:de:61:
7c:85:1d:ee:db:55:a5:32:0c:51:ea:bf:33:1b:99:8e:ef:1a:
27:61:36:fe:55:0f:ce:15:45:a0:42:cb:1f:14:ca:f4:fc:83:
5f:4a:0c:1e:bc:0b:bb:ea
spoiler
openssl rsa -in ssl_key.pem -check
RSA key ok
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
RSA key ok
writing RSA key
-----BEGIN RSA PRIVATE KEY-----
-----END RSA PRIVATE KEY-----
spoiler
[email protected]:/home/mort/Downloads# openssl x509 -noout -modulus -in cert.pem|md5sumda 1a1392ce7aa3d813c387bd92bedc0b -
[email protected]:/home/mort/Downloads# openssl rsa -noout -modulus -in ssl_key.pem|md5sum
1da3861ab9e21310474aac32854767f6 -
[email protected]:/home/mort/Downloads# openssl rsa -noout -modulus -in ssl_key.pem|md5sum
1da3861ab9e21310474aac32854767f6 -
Similar questions
R
K
O
Obivankinobi2018-08-30 09:34:51
How to give access only to a certain folder and nowhere else?
2Reply
V
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question