Mutual SSL Step By Step

1. 1. Generate CSR with new key: `openssl req -new -sha256 -newkey rsa:4096 -nodes -out csr_file_name.csr -keyout your_private.key -subj "/C=/ST=/L=/O=Your Org/OU=Your Department/CN=your.host.name"`
2. 2. Generate CSR with existing key: `openssl req -new -sha256 -key ssl_client_key.key -out csr_file_name.csr -subj "/C=/ST=/L=/O=Your Org/OU=Your Department/CN=your.host.name"`
3. 3. Verify that it's SHA256: `openssl req -text -noout -verify -in csr_file_name.csr | less`
4. 4. Check modulus for the private and CSR; they ought to match.
5. For the CSR: `openssl req -noout -modulus -in csr_file_name.csr | openssl md5`
6. For the key: `openssl rsa -noout -modulus -in your_private.key | openssl md5`
7. 5. Once you get the public key: `cat signedcert.cer intermediate.cer root.cer your_private.key > bundle.pem`
8. If signedcert has p7b extension: `openssl pkcs7 -print_certs -in signedcert.p7b -out signedcert.cer`
9. 6. Then verify the modulus: `openssl x509 -noout -modulus -in bundle.pem | openssl md5`
10. Output should match the rest of the moduli (step 4)