Key Matcher
Check whether a private key, CSR, and certificate belong together by comparing their public keys
Compare Your PKI Components
Paste or upload any two (or all three) of a certificate, a CSR, and a private key in PEM format. We compare their public keys and tell you exactly which items belong together.
Privacy note: Your private key is only used in-memory to derive its public key for comparison. It is never stored, logged, or transmitted anywhere else.
Provide at least two inputs to compare
How Key Matching Works
A certificate, its CSR, and its private key all embed (or derive) the same public key. We compute the SHA-256 fingerprint of each item's Subject Public Key Info (SPKI) and compare them. Identical fingerprints mean the items belong to the same key pair.
Certificate ↔ CSR
Verify that a certificate was issued from a specific signing request.
Certificate ↔ Private Key
Confirm you have the right private key before installing a certificate on a server.
CSR ↔ Private Key
Check that a CSR was generated from the private key you still hold.