On Fri, May 13, 2011 at 5:28 PM, Zico <[email protected]> wrote: > Hi, is it necessary to generate private from "that server" in which I will > install SSL certificate? I mean, say, I want to install SSL certificate for > my www.mysite.com, now, is it necessary that, I have to generate private key > and csr from that "www.mysite.com" server? Or, I can also create private key > and CSR from my local machine and then apply for crt file from any > authorized CA certificate provider?
You don't get your private key signed by anybody. It is private and should not be shown to anybody. You generate a keypair and the private key is encrypted with a pass phrase or a password. Now your public key is what is called the certificate. But that becomes a certificate only when it is signed by the CA's private key. In the case of certificate your public key is appended with a signature of the MD5 or SHA1 hash of the certificate data. Private keys are used only for document signing and for symmetric key encryption when communicating. -Girish -- G3 Tech Networking appliance company web: http://g3tech.in mail: [email protected] _______________________________________________ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
