Certificate & Key Matcher

Verify your SSL certificate and private key are a matching pair before installing on your server.

Your private key never leaves your browser. Matching is performed entirely in JavaScript - nothing is sent to our servers.

SSL Certificate (PEM)

Paste the certificate you received from your Certificate Authority.

Private Key (PEM)

Paste the private key that was generated alongside your CSR.

Certificate Details

Common Name (CN)
-
Expires
-

Why Check for a Mismatch?

If you install an SSL certificate with the wrong private key, your web server will fail to start or throw a TLS handshake error. Browsers will show a connection error instead of loading your site.

A mismatch happens when the private key was not generated as part of the same CSR that was used to request the certificate. This can occur when:

  • The certificate was re-issued with a new CSR but the old private key was kept.
  • Files were renamed or accidentally swapped during installation.
  • Multiple certificates are managed and the wrong files were combined.

Run this check before every installation to catch mismatches instantly - before they cause downtime.

Need to Generate a New SSL Certificate?

Generate a free, trusted SSL certificate powered by Let's Encrypt - completely free.