If eHealth is configured to use SSL the public/private keys must match.
eHealth all platforms
Configured to use TLS/SSL
1) Commands to verify a server key matches the certificate:
openssl x509 -noout -modulus -in <certificateFile> | openssl md5
openssl rsa -noout -modulus -in <server privateKey> | openssl md5
The resulting numbers must match. If not they do not belong to each other.
2) You can also verify a certificate signing request matches the certificate and/or private key:
openssl req -noout -modulus -in <certificateSigningRequestFile> | openssl md5
The resulting number would need to match the output(s) in step 1)