Verifying that a certificate is issued by a CA
How to use OpenSSL on the command line to verify that a certificate was issued by a specific CA, given that CA's certificate:
$ openssl verify -verbose -CAfile cacert.pem server.crt server.crt: OK
Verify that a private key matches a certificate
$ openssl x509 -noout -modulus -in server.crt | openssl md5 $ openssl rsa -noout -modulus -in server.key | openssl md5The resultant hashes should match.