Is the certificate I receive back from the CA supposed to be private?

Question

I'm attempting to install a certificate on a web server. I understand there is nothing secretive about the CSR. Obviously, I wouldn't want to reveal the private key I used to generate the CSR.

How about the certificate I receive back from the CA? As far as I can tell that's the same certificate that I will provide to the end user, correct?

I guess I'm a little confused because I've received certificates with public/private keys that I've installed within Windows so I can do SSO, VPNs, etc...

score 0 · Answer 1 · edited Mar 05 '18 at 18:31

0

The certificate you receive back from the certificate authority is the public certificate. You can consider it as public, and it will eventually be be published by the certificate authority in certificate transparency logs.

Moreover, if anyone had access to it, including your certificate authority, you must consider it as public.

edited Mar 05 '18 at 18:31

Crypt32

5,901
12
24

answered Mar 05 '18 at 17:31

Benoit Esnard

13,979
7
65
65

Is the certificate I receive back from the CA supposed to be private?

1 Answers1