(PHP 4 >= 4.2.0, PHP 5, PHP 7)

openssl_x509_check_private_keyChecks if a private key corresponds to a certificate


openssl_x509_check_private_key ( mixed $cert , mixed $key ) : bool

Checks whether the given key is the private key that corresponds to cert.


The function does not check if key is indeed a private key or not. It merely compares the public materials (e.g. exponent and modulus of an RSA key) and/or key parameters (e.g. EC params of an EC key) of a key pair.

This means, for example, that a public key could be given for key and the function may return true.



The certificate.


The private key.

Valor Retornado

Returns true if key is the private key that corresponds to cert, or false otherwise.

add a note add a note

User Contributed Notes 2 notes

tomsie at toms dot ie
5 years ago
This function DOES return TRUE if the key has a passphrase, you just need to set up the data in such a way that the function can understand it. It is not documented here.

This error message led me to the solution:

PHP Warning:  openssl_x509_check_private_key(): key array must be of the form array(0 => key, 1 => phrase)

So this works:

$certFile = file_get_contents('cert.crt');
$keyFile = file_get_contents('cert.key');
$keyPassphrase = "password1234";
$keyCheckData = array(0=>$keyFile,1=>$keyPassphrase);
$result = openssl_x509_check_private_key($certFile,$keyCheckData);
jared at enhancesoft dot com
8 years ago
This function will return FALSE if the private key requires a pass phrase.
To Top