Knowledgebase

All About Private Keys

Your private key is the single most important component of your SSL certificate. It’s what gives you the power to authenticate your website to internet users, helps to enable encryption and prevents others from impersonating you.

You’re going to hear the term “private key” tossed around a lot when it comes to SSL certificates. But if you take one thing from this article, it’s this: avoid letting your private key become compromised above all else. If you lose or have your key compromised, it will end up costing you. At best, you’ll have to spend time re-issuing your SSL certificate and installing it again. At worst, someone could impersonate your website and cost you money.

Generating a Private Key

Your private key will be generated alongside your CSR as a “Key Pair.”Depending on where you’re performing the generation, you may need to paste the output into a text editor and name the file. Then you will upload it to your server. Make sure that you have security in place where you’re storing it. Best practice for security is to save it on an external hardware token and put it in a safeguarded storage unit.

Did You Know: Your public key is actually generated off of your private key?

Note: At no point in the SSL process does The SSL Store have your private key. It should be saved safely on the server you generated it on. Do not send your private key to anyone, as that can compromise the security of your certificate. If you lose your private key, you will be unable to install your SSL certificate and will need to generate a new key pair (CSR + Private Key) and re-issue the certificate. You can find instructions on how to re-issue your certificate here.

What happens if my Private Key is compromised?

If it’s compromised, but not misused, you’ll have to replace your SSL certificate. Most Certificate Authorities will do this for free, but it still takes time and effort. If your private key is misused, someone can spoof your website and phish your customers with impunity. You’ll have to contact your CA to get the certificate revoked and then replace it.

How does a Private Key work with SSL?

During the handshake process, the private key and its public counterpart are used for authentication. A user’s web browser will use the public key to decrypt the digital signature left by the private key. If it’s readable, the signature is authenticated and secure connection can be negotiated.

How does a Private Key work for Code Signing?

Similar to SSL, the private key is used to apply the digital signature to the software, when someone downloads it, their browser uses the public key to decrypt the signature and authenticate the publisher.

If you have any questions, or need help with any part of the SSL process, you can reach out to our support team 24/7/365.

  • 0 Users Found This Useful
     Was this answer helpful?

Related Articles

 Elliptic Curve Cryptography (ECC) Certificates

Cryptography, the science of encrypting data and information, is the backbone of SSL. Every time you visit a website that is secured by an SSL certificate, your computer works with that website’s server to encrypt and then decipher all data sent...

 SSL Frequently Asked Questions

Have Questions? We’ve Got Answers. Get all the help you need from our friendly SSL experts. Sales/Order Processing Why are we cheaper? We are a very important Symantec & Comodo Platinum Partner and we purchase SSL certificates in extremely...

 What is the Difference Between SHA-2 and SHA-2-Full-Chain

While you’re generating your SSL/TLS Certificate you may see an option to select a from 2 different hashing algorithms. You’re given a choice between SHA-2 and FULL SHA-2. SHA-2 is also sometimes referred to as SHA-256. But what’s the difference,...

 Understanding Hash Functions

Maybe now you’ll finally understand the name of our blog Hashing is simply the practice of using an algorithm to map data of any length to a fixed-length output. It’s useful in a number of ways and plays a role in several different types of...

 Multi-Domain Wildcard Certificates

If you are looking to secure multiple wildcard domains, but want to keep them all under one certificate, look no further than the Multi-Domain Wildcard SSL certificates. Offered by all major Certificate Authorities, these SSL Certificates are a...

Powered by WHMCompleteSolution