Check a certificate installed on your server for a matching private key
The DigiCert Certificate Utility® for Windows has a feature that lets you find out if an SSL Certificate installed on your Windows server has a matching private key. You can also use this instruction to discover if the certificate is revoked.
DigiCert Utility: Check an SSL Certificate for a Matching Private Key
-
On the Windows server where your SSL Certificate is located, download and save the DigiCert® Certificate Utility for Windows executable (DigiCertUtil.exe).
-
Run the DigiCert® Certificate Utility for Windows (double-click DigiCertUtil).
-
In the DigiCert Certificate Utility for Windows©, click SSL (gold lock), select the SSL Certificate that you want to check, and then click Test Key.
-
In the Private Key Test window, you should see a green checkmark next to The private key was successfully tested.
This verifies that the certificate has a matching and valid private key.
-
Certificate Revoke Note:
In the Private Key Test window, you should see a green checkmark next to Revocation check for certificate chain was successful.
This verifies that the certificate's serial number is not listed on a revocation list.
Troubleshooting
Reissue Certificate
If you run into any errors when checking for a matching private key, you probably need to reissue your certificate. See Reissuing a DigiCert® SSL Certificate.
Contact Us
If you continue to have any errors, please contact DigiCert Support.
