The private key is what needs to be protected. The CSR contains information that you may consider proprietary, but the only *really* important piece of it is the public key, which is going to be in the issued certificate anyway.
-Kyle H On Tue, Mar 31, 2009 at 1:15 PM, <fhd...@unm.edu> wrote: > > Hello, > > Is there any reason why one needs to protect CSR (e.g. encrypting it) > from public view? I was under impression that is the key that needs > to be protected not the CSR? > > > Thank you, > Farid > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-us...@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org