1. View the certificate modulus using the following command:
openssl x509 -noout -text -in www.mydomain.com.crt –modulus
2. View the key using the following command:
openssl rsa -noout -text -in www.mydomain.com.key –modulus
3. Verify the following:
o Verify that the certificate and private key is saved in notepad/vi and that it has no trailing spaces.
o The "modulus" and "public exponent" portions in the key and the certificate must match exactly.
o Verify the modulus of the default server.key file as the CSR could have been generated off this key.
o You should also check the httpd.conf file to make sure that the directives are pointing to the correct private key and certificate.
o Search for all private keys on your server and compare the modulus. Use the following commands: locate "*.key" or find / -name "*.key"
4. If they do not match, you will have to reissue your certificate.