Sadly i know many CA's who don't give the user any choice about this. They say as a 'user friendly service' they generate also the key for the user and send him a .p12-file.
Am 10.12.19 um 17:01 schrieb Mark H. Wood via Gnupg-users: > > Oh, I hope not. The point of asymmetric crypto is that you never, > ever, give your private key to anyone, even, *especially*, the CA. > The proper way to get an X.509 certificate is to generate a keypair, > keep the private key private, and send a CSR containing the public key > to the entity which will issue the certificate. > > > _______________________________________________ > Gnupg-users mailing list > [email protected] > http://lists.gnupg.org/mailman/listinfo/gnupg-users > -- Juergen M. Bruckner [email protected]
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
