-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Julius Davies wrote: > RSA keypair, right? If so, compare that the modulus of both the > certificate and the private key is equal. These two commands do the > trick: > > openssl x509 -in cert.pem -modulus -noout > > openssl rsa -in rsa.pem -modulus -noout > > > If on Unix, I imagine you can do this (ahhh... the glorious back-tick!): > > TEST1=`openssl x509 -in cert.pem -modulus -noout` > TEST2=`openssl rsa -in rsa.pem -modulus -noout` > if [ "$TEST1" = "$TEST2" ]; then echo 'equal'; else echo 'not equal'; fi; > > (Is it okay to only check the modulus? The public exponent can be > ignored? Is it always "Exponent: 65537 (0x10001)"?) No. You must compared modulis and exponent for an RSA key...
Bye Goetz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFF2lgG2iGqZUF3qPYRAmDdAJ0fRwKUM6/ZkQo+8VGVWv+SdtPAzwCfWZpA fZPQiu59Lp0WeBa7FhFeWqo= =BvUs -----END PGP SIGNATURE----- ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
