Validate x509 (SSL) Certificates and Keys

Feb 17, 2015 How To

If you work with SSL often enough, you know that certificates and keys need to be verified before you push a configuration change to a server. Thankfully, nginx runs configtest as part of its restart command, which keeps you from taking the server down with a broken configuration.

Below, I have included a really simple script that takes all the .crt files in a directory, matches them up with .key files, and validates the md5sum of each pair’s modulus.

On failure, it will spit out the cert/key combo that doesn’t match, like below:
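The check described above, as an added example (not the script from the original post): it pairs each .crt with a .key of the same basename and compares the MD5 of their RSA moduli via openssl, treating an unreadable file as a failure so that two failed reads can never compare equal. The function names, the same-basename pairing and the message formats are assumptions.

```shell
#!/bin/sh
# Added example (not the original post's script): pair each .crt with the
# same-named .key and compare the MD5 of their RSA moduli.
# Assumptions: site.crt <-> site.key naming; RSA keys (-modulus is RSA-only).

# Print the MD5 of the modulus of a cert or key; fail if it cannot be read.
# The body runs in a subshell, so its variables stay local.
modulus_md5() (
    case $1 in
        cert) mod=$(openssl x509 -noout -modulus -in "$2" 2>/dev/null) ;;
        key)  mod=$(openssl rsa -noout -modulus -in "$2" -passin pass: 2>/dev/null) ;;
    esac
    hex=${mod#Modulus=}
    # Reject empty or non-hex output so two failed reads never "match".
    case $hex in
        "$mod"|''|*[!0-9A-F]*) exit 1 ;;
    esac
    printf '%s' "$hex" | openssl md5 | awk '{print $NF}'
)

# Check every *.crt in a directory; print each bad pair, return 1 if any.
check_cert_key_pairs() (
    dir=${1:-.}
    failures=0
    for crt in "$dir"/*.crt; do
        [ -e "$crt" ] || continue            # glob matched nothing
        key="${crt%.crt}.key"
        if [ ! -f "$key" ]; then
            echo "MISSING KEY: $crt has no $key"
        elif ! c=$(modulus_md5 cert "$crt") || ! k=$(modulus_md5 key "$key"); then
            echo "UNREADABLE: $crt / $key (not RSA, encrypted, or corrupt)"
        elif [ "$c" != "$k" ]; then
            echo "MISMATCH: $crt ($c) != $key ($k)"
        else
            continue                         # pair is consistent
        fi
        failures=$((failures + 1))
    done
    [ "$failures" -eq 0 ]
)
```

Run `check_cert_key_pairs /path/to/certs` before reloading nginx; a non-zero exit status means at least one pair failed.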

