验证证书请求是否与秘钥匹配

验证证书请求是否与秘钥匹配

验证脚本

#!/bin/sh
if [[ "$1" = "" || "$2" = ""  ]]; then
	echo "certRequestCheck.sh  requestfile keyfile "  
	exit 0;
else
	value=`openssl req -text -noout -in $1  | grep "Public Key Algorithm:" | awk  -F ':'  'BEGIN {}  {print $2} END {}'`


	if [ "$value" = " rsaEncryption" ] ; then
		echo $value
		
		requestModuleMd5=`openssl req -modulus -in $1 | grep Modulus | openssl md5`
		privateModuleMd5=`openssl rsa -noout -modulus -in $2 | openssl md5`
	
	else
		`openssl ec -in $2 -pubout -out ecpubkey.pem `
		privateModuleMd5=`cat ecpubkey.pem | openssl md5`
		requestModuleMd5=`openssl req -in $1  -pubkey  -noout | openssl md5`
	
	fi
	if [  "$requestModuleMd5" = "$privateModuleMd5" ] ; then 
		echo "ok"
	fi 


fi

备注

        秘钥是使用 openssl genrsa 生成的。