Match your CSR and Certificate Key
Match Your SSL & Private Key Pairs
An easy and a highly secure way to make sure that a private key belongs to a certain certificate is to run a few OpenSSL commands. And do you know what's the best part is? You can do it on your own system. This way your private remains on your own system and won't get compromised.
Just run these OpenSSL commands to verify your private key:
openssl pkey -in privateKey.key -pubout -outform pem | sha256sum
openssl x509 -in certificate.crt -pubkey -noout -outform pem | sha256sum
openssl req -in CSR.csr -pubkey -noout -outform pem | sha256sum
Feel free to drop us a line at firstname.lastname@example.org if you're facing any problems.