Problem
You have a few SSL cert files on your server, but you are not sure which one is the newest, or the right cert to use.
Solution
Look at the contents of a CSR
openssl req -noout -text -in [domain_name].csr
Where [domain_name].csr is the name of the CSR file.
Look at the contents of a certificate
openssl x509 -noout -text -in [domain_name].crt
Look at the MD5 fingerprint of a certificate
openssl x509 -fingerprint -noout -in [domain_name].crt
Check the private key, the CSR, and the signed cert
To check that the private key, the CSR, and the signed cert belong to the same set, you need to compare the MD5 outputs:
openssl rsa -noout -modulus -in [domain_name].key |openssl md5
openssl req -noout -modulus -in [domain_name].csr |openssl md5
openssl x509 -noout -modulus -in [domain_name].crt |openssl md5
