Sometimes I have multiple SSL certificates and keys and have no idea which of them belong together. Recently I found out that there is an easy way to test this.
[max@gaia]$ ls certificate.crt privateKey.key [max@gaia]$ openssl x509 -noout -modulus -in certificate.crt | openssl md5 (stdin)= 5eaa10f15f3e4b6f93167a5c48e7498c [max@gaia]$ openssl rsa -noout -modulus -in privateKey.key | openssl md5 (stdin)= 5eaa10f15f3e4b6f93167a5c48e7498c
If the two MD5 hashes are equal you have found a matching pair.
If you want to understand why the modulus in the certificate and key are equal I recommend to read more about the RSA algorithm.