# Verify RSA keys for SSL certificate

To ensure that your RSA private key matches the public key in your certificate, follow these steps:

1. **Check the RSA Private Key**\
   To verify the private key and see its modulus, run:<br>

   ```bash
   openssl rsa -modulus -noout -in /root/certs/server.key | openssl md5
   openssl rsa -check -noout -in /root/certs/server.key
   ```

   \
   If the output says "RSA key ok," the key is valid. If not, there’s an issue.<br>

2. **View the RSA Public Key Modulus**\
   To check the modulus of the public key in the certificate, run:<br>

   ```bash
   openssl x509 -modulus -noout -in /root/certs/server.crt | openssl md5
   ```

3. **Compare Moduli**\
   If there are any errors in the previous commands, or if the modulus from the public key does not match the modulus from the private key, you are using the wrong private key. You can either:
   * Create a new key and Certificate Signing Request (CSR) and contact support.
   * Search for other private keys on your system to find a match.<br>

4. **Finding Private Keys on Your Server**\
   To search for all private keys, run:

   ```bash
   find / -name "*.key"
   ```

<figure><img src="https://content.gitbook.com/content/cJYkTyk9qgh7aCR6dHIm/blobs/ywFWLtO1FRYT0YoKcyxA/image.png" alt=""><figcaption><p>RSA key check</p></figcaption></figure>