Menu
I am wondering which private key Keychain Access in Mac OS X (Snow Leopard, now Lion) uses. Whenever I create a CSR using that app, it does not even ask for a private key to use. So which one does it use then?
I could imagine that it used the selected one, if you've selected one in your certificate list. But generating the request even works when nothing is selected at all or, making sure it's not an "invisible" selection, if the item that's selected is not a private key.
Does anyone know?
Thanks in advance
Arne
790
A private key is created by you — the certificate owner — when you request your certificate with a Certificate Signing Request (CSR). The certificate authority (CA) providing your certificate (such as DigiCert) does not create or have your private key.
It usually contains the public key for which the certificate should be issued, identifying information (such as a domain name) and a proof of authenticity including integrity protection (e.g., a digital signature).
Certificate signing requests (CSR) are generated with a pair of keys – a public and private key. Only the public key is sent to a Certificate Authority and included in the SSL certificate, and it works together with your private key to encrypt the connection.
It generates a new public/private keypair when you create a CSR in Keychain Access. The name of the key will be what you entered in the "Common Name" field when generating the CSR.
If you would like to generate a new CSR from an existing key, I do not believe this can be done entirely within Keychain Access. For how to do it with Keychain Access and OpenSSL, see How can I use an existing private key to a new iOS development certificate?
61
If you open the resulting certificate on your Mac, it will be added to your Keychain. When you unfold it, you'll the associated private key.
23
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
