How to verify that SSL certificate matches key

In order to verify that OpenSSL key matches certificate you can run following command: For key:

and for certificate:

and for CSR (Certificate Signing Request):

In all cases you should get the same output, for example:

If the output is the same in all cases this means that keys match certificate. If the output is different in even one case, you have a mismatch somewhere.
If you have multiple certificates in one .crt file, for example your domain SSL certs and CA certs, make sure your certificate is at the top of the file, because this tool checks only first certificate from the input file.