How to Setting Up a Comodo SSL Certificates
In case of Comodo certificates, you should receive the zip archive with *.crt and .ca-bundle files. Geotrust/Thawte/Symantec sends certificates in plain text. Simply save the certificates as txt files. Notepad will meet this demand. For Comodo PositiveSSL the files would appear like the ones below:
- STAR_linuxits_com.crt
- STAR_linuxits_com.ca-bundle
or you may receive the CA bundle in separate files as provided below:
- STAR_linuxits_com.crt
- SectigoRSADomainValidationSecureServerCA.crt
- USERTrustRSAAddTrustCA.crt
- AddTrustExternalCARoot.crt or
- AAACertificateServices.crt
cat STAR_linuxits_com.crt SectigoRSADomainValidationSecureServerCA.crt USERTrustRSAAddTrustCA.crt AAACertificateServices.crt >> STAR_linuxits_com-bundle.crt
How do I verify that a private key matches a certificate? (OpenSSL)
How do I verify that a private key matches a certificate?
To verify that a private key matches its certificate you need to compare the modulus of the certificate against the modulus of the private key.
Please follow the below command to view the modulus of the certificate.
openssl x509 -noout -modulus -in STAR_linuxits_com.crt | openssl md5
Now you will receive the modulus something like (stdin)= ba8114964bd770410c9ad75b274b96
Please follow the below command to view the modulus of the private key.
openssl rsa -noout -modulus -in STAR_linuxits_com.key | openssl md5
Now you should get the modulus as same as certificate modulus above. i.e (stdin)= ba8114964bd770410c9ad75b274b96
For CA bundle run below command
openssl verify -CAfile STAR_linuxits_com-bundle.crt STAR_linuxits_com.crt
Now you will receive the modulus something like STAR_linuxits_com.crt: OK
How to Convert .pem to .cert with OpenSSL
openssl x509 -outform der -in STAR_linuxits_com.pem -out STAR_linuxits_com.crt
Conclusion
In this tutorial, Setting Up a Comodo SSL Certificate on your server.
