Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How do I identify if my certificate contains private key?

According to the answer to this server-fault question almost all certificate file formats can contain private key alongside public key, as such how can I identify whether a certificate contains private key?

This is important because I do not want to unknowingly send the private key to the remote client.

like image 535
Allahjane Avatar asked Jan 04 '17 09:01

Allahjane


People also ask

Which certificate has the private key?

Your private key is the single most important component of your SSL certificate. It's what gives you the power to authenticate your website to internet users, helps to enable encryption and prevents others from impersonating you.

Is private key stored in certificate?

Public key vs Private key Public key is embedded in the SSL certificate and Private key is stored on the server and kept secret.

Why doesn't my certificate have a private key?

A missing private key could mean: The certificate is not being installed on the same server that generated the CSR. The pending request was deleted from IIS. The certificate was installed through the Certificate Import Wizard rather than through IIS.


1 Answers

Following the structure of the link:

  • .csr. Only public keys in pem or der format

  • .pem. keys and/or certificates. Look for -----BEGIN PRIVATE KEY---- or -----BEGIN RSA PRIVATE KEY----- or -----BEGIN ENCRYPTED PRIVATE KEY-----

  • .key keys in pem format

  • .pkcs12 .pfx .p12 keys and/or certificates. List keys with openssl pkcs12 -info -nocerts -in keystore.p12

  • .jks keys and/or certificates. Java specific format.

  • .der pem content without base64 encoding. Look for KEY in openssl x509 -inform DER -in cert.der

  • .cert .cer .crt keys and/or certificates. Content can be pem or der

  • .p7b. Only certificates

  • .crl. No keys

like image 127
pedrofb Avatar answered Sep 20 '22 07:09

pedrofb