1

Consider that I generate a new undisclosed private key using openssl:

openssl genrsa -out personal.key 2048


I then generate the multiple CSR requests (called csr1.csr and csr2.csr):

openssl req -new -sha256 -key personal.key -out csr1.csr
openssl req -new -sha256 -key personal.key -out csr2.csr

(Both CSRs are generated with the same set of fields.)

The .csr files are given to different parties, and csr1.csr is compromised by a third party.

As I understand that CSR contains only the public key, so I'd like to ask how secure and trusted are csr2.csr and personal.key now (in terms of remaining in use, and keeping them for future use)?

Should csr2.csr and/or personal.key be discarded if csr1.csr is compromised? If so, why is that?

David Refoua
  • 153
  • 1
  • 13
  • Releated – [What is the risk of someone intercepting my CSR and private key](https://security.stackexchange.com/q/170258/55572) and [Is it safe to send a CSR via email?](https://security.stackexchange.com/q/14916/55572) – David Refoua Aug 02 '18 at 08:51

1 Answers1

3

As per this answer CSR with only public key with openssl

The CSR only contains your public key, not your private key, so your private key has not been compromised.

The .csr files will both still be valid no matter what.

When you send the CSR to a Certificate Authority, they will produce a signed x509 Certificate. Any computer that trusts the CA will then consider that certificate valid.

If the CA is the third party that is compromised, then it is likely that the signed certificate is useless as nobody will trust it.

If a man-in-the-middle captures the csr it does them little good, as the only key available is your public key.

AndrolGenhald
  • 15,506
  • 5
  • 45
  • 50
ste-fu
  • 1,092
  • 6
  • 9
  • 1
    Since you only mention `csr2.csr`, readers may get the implication that `csr1.csr` is _not_ valid – AndrolGenhald Jun 22 '18 at 13:36
  • @AndrolGenhald Assuming the compromise causes the CA to become untrusted it will be invalid – ste-fu Jun 22 '18 at 13:39
  • Good point, I was assuming it was compromised in-transit and the CA was still trusted, but the question leaves this ambiguous. Is a CSR specific to a CA though? I was under the impression that it wasn't, in which case there's nothing about it that _wouldn't_ be valid. – AndrolGenhald Jun 22 '18 at 13:44
  • @AndrolGenhald - Another good point - I assumed that the validity mean the signed certificate, but the question acually states the csr - will edit. – ste-fu Jun 22 '18 at 13:51