开发者

Is the CSR unique?

开发者 https://www.devze.com 2023-01-30 04:11 出处:网络
I\'m creating a webpage to take sensitive customer information and wish this to be on an SSL secured page.

I'm creating a webpage to take sensitive customer information and wish this to be on an SSL secured page.

Ive been asked by a CA to provide a CSR.

I was planning to install OpenSSL on a server and create one of these.

Does this mean that the server I create the CSR on w开发者_开发百科ill be the same one I have to install the certificate they provide me or can I install it somewhere else?

What links the certificate they provide to the CSR I create?

Thanks for any help.


When a key pair (public and private) is generated, such as with OpenSSL, a CSR is also generated. The CSR is sort of a wrapper that contains your Organization info with the public key. This is also the part of the pair where the CA will sign upon.

Once you have received the signed certificate (after paying companies like VeriSign, GoDaddy) you should be pairing the signed certificate back together with the initially generated private key and together they work in the app in which you wish to secure content transmission with. E.g. Web servers.

The key pair, and CSR files generated usually CAN BE moved to other hosts/servers. Only in cases where the key pair generation mechanism involves hardware (such as some nCipher devices) will you not be allowed to move to other machine.


It doesn't matter, where the certificate signing request (CSR) is being generated.

Just make sure, you keep the private key. Otherwise the issued certificate will be useless, as it's the key that "links" your CSR to the certificate.

0

精彩评论

暂无评论...
验证码 换一张
取 消