Re: Private & Public Key storage location

Dear Bernard,

I have read all that stuff at the links you are refering to.
The pages on MS wesite lack clarity & I have wrote a comment to them such as

1] Under the section

"Obtain a Certificate"
"......The CSR is simply an encrypted text message that is encrypted with a
public/private key pair."

Now could it be made clear
A] if the website generates a Keypair of its own before it creates the CSR
B] How can the CSR be encrypted by Public/private key both at the same time?
C] Is it that the CSR contains both the private & public keys of the website?

What is true & presice ?


"Bernard Cheah [MVP]" wrote:

Read -
How To Enable SSL for All Customers Who Interact with Your Web Site in
Internet Information Services
http://support.microsoft.com/?id=298805

that's why typically - we have trusted CA list in browser that we can trust.

--
Regards,
Bernard Cheah
http://www.iis.net/
http://www.iis-resources.com/
http://msmvps.com/blogs/bernard/


"Vicky" <Vicky@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:90DB2326-7C0B-4457-91CD-2E7ABC1828FB@xxxxxxxxxxxxxxxx
I am shocked to here that it is the CA who generates the Private & public
key
(Key Pair) for my own website.
You seem to have shattered my understanding of the whole process. How can
my
private ley be a private affair if the CA generates it for me (my
website).
I think I need to build more clarity of the whole process. Maybe I have
wrong ideas.

"Bernard Cheah [MVP]" wrote:

You only send the request file to CA. CA will then issue you the cert
with
both private and public key.

To back it up, export the key (including private) and safe guard the
file,
refer
HOW TO: Back Up a Server Certificate in Internet Information Services 5.0
http://support.microsoft.com/?id=232136



--
Regards,
Bernard Cheah
http://www.iis.net/
http://www.iis-resources.com/
http://msmvps.com/blogs/bernard/


"Vicky" <Vicky@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:322F8088-D472-487F-8F30-F1616EFCD995@xxxxxxxxxxxxxxxx
hi,

when I configure IIS server on a windows 2000 or 2003 server to use the
ssl
protocol, I have to make a certificate request, during which the web
site
generates a Key pair (public & private).

My public key is sent to the CA alomg with my certificate request.
I wish to know where is my web site key pair stored on my local system.
Can
I also see the public key & is it possible to have both this keys
copied
to a
desired location as a backup.


Vicky






.

Relevant Pages

  • Re: When to use Public/Private Key & when to gen new one?
    ... The key pair is uniquely bound to each other: you can't have one private key ... options for extracting the public key, but not one for 'build new public key ... I was including in assemblies whatever it had spat one ... probably keep the same snk file across various builds of an assembly, ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: More on learning "Public Key Authentication" [correction]
    ... As the person who created that private ... How do I "specify" the file? ... > transfer the long 2048 digit public key to the other computer. ... specific keyfile you want to use to encrypt or sign a specific data ...
    (comp.sys.mac.system)
  • Re: private to public decrypt now working
    ... If you switch it to use the public key to encrypt and private to decrypt it works. ...
    (microsoft.public.dotnet.security)
  • Re: How to authenticate many users with the same public key.
    ... You have to give them both the private and the public key. ... servers, I can recommend Active Directory / Kerberos. ... I created a directory ssh in which I store both my OpenSSH keys and those converted to PuTTY format, ...
    (comp.security.ssh)
  • Re: Encryption question
    ... will be able to encrypt and decrypt the same messange. ... it with alice private key.... ... >>messange with his public nor with is private. ... she will encrypt it with his public key. ...
    (Security-Basics)