Tag Archives: openssl

(openssl) verify that a private key matches a certificate

A while ago I had to renew the SSL certificate for a website I’m taking care of. How do I verify that a private key matches a certificate? [codesyntax lang=”bash”] openssl x509 -noout -modulus -in server.crt | openssl md5 openssl rsa -noout -modulus -in server.key | openssl md5 [/codesyntax] How do I verify that a … Continue reading (openssl) verify that a private key matches a certificate

How to deal with “RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)” problem

If you see [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) in you apache error.log file means you have created a cert that is intended to be used to sign other certs, but you’re using that cert as your SSL cert. So, it depends how you create the SSL cert. … Continue reading How to deal with “RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)” problem