How to verify whether a private key matches with the SSL certificate ?

This is a very common question that comes to our mind while setting up SSL in our applications. How to verify whether the key matches with the SSL certificate ?

A very easy way to verify that is given below.

We need to compare the modulus of the certificate against the modulus of the private key.

Execute the below command to get the modulus of a certificate.

openssl x509 -noout -modulus -in mycertificate.crt | openssl md5

This will generate the modulus something like e091f305089662689d62126d49910031 

Execute the below command to get the modulus of a private key.

openssl rsa -noout -modulus -in mykey.key | openssl md5

This will generate the modulus of the private key. You should get the key modulus as same as certificate modulus above. i.e e091f305089662689d62126d49910031

If both the modulus are same, we can say that the certificate and the key are matching.


How to enable access to a S3 object in a secure way ?

By default all the objects in an AWS bucket are private. Sometimes we may come across the requirement to share an object (file) present in s3 to others and don’t want to share aws access credentials.

In these scenarios, AWS provides a simple way to provide access by generating a timebound signed URLs using the access credentials. These URLs will be active only for the specified time period and the access will be revoked after that time period. I came across a similar requirement and the solution is shared below.

Common dependencies to install PyCrypto package in CentOS/RHEL

The installation of pycrypto package may fail with errors like

“error: no acceptable C compiler found in $PATH”

“RuntimeError: autoconf error”

“fatal error: Python.h: No such file or directory”

” #include “Python.h”
compilation terminated.
error: command ‘gcc’ failed with exit status 1″

The solution for this issue is to install the following dependent packages.

yum install gcc

yum install gcc-c++

yum install python-devel

pip install pycrypto

How to check the Java architecture from command line ?

To check the Java architecture whether it is 32 bit or 64 bit, the following commands will be helpful.

Execute the following commands in the command line and check the results

java -d32 -version

java -d64 -version

If any of the above command is giving an error message similar to “Error: This Java instance does not support a xx-bit JVM.” If it is not supporting 32 bit, then we can say it is a 64 bit Java. If it is not supporting 64 bit, we can say it is a 32-bit Java. The screenshot of the same is attached below.


Hope this will help .. 🙂

Programmatic way to identify the status of the namenode in an HA enabled hadoop cluster

In an namenode HA enabled hadoop cluster, one of the namenodes will be active and the other will be standby. If you want to perform some operations on HDFS programmatically, some of the the libraries or packages need the details of active namenode (some of the packages in python need the details of active namenode, they will not support the nameservice). In this case, the easiest way to get the status is to issue a GET request similar to the one given below on each of the namenodes. This will help us to identify the status of each namenode.


curl ',name=NameNodeStatus'


"beans" : [ {
"name" : "Hadoop:service=NameNode,name=NameNodeStatus",
"modelerType" : "org.apache.hadoop.hdfs.server.namenode.NameNode",
"State" : "active",
"SecurityEnabled" : false,
"NNRole" : "NameNode",
"HostAndPort" : "",
"LastHATransitionTime" : 0
} ]