013 9:40 AM
To: openssl-users@openssl.org
Subject: RE: Does CSR need to be signed with matching private key?
Ø Hypothetically, what if i have TWO key pairs (PubKey1, PrivKey1, PubKey2,
PrivKey2). First thing
Ø i do is move PrivKey1 to another place. Is there a way where I can use
PubKey1 to
On Mon, Mar 4, 2013 at 9:33 PM, Steven Funasaki
wrote:
> Does the CSR need to be signed with the matching private key for the CA to
> validate it?
Of course. That demonstrates proof of possession of the private key.
Otherwise there is no binding of an entity to a keypair, and no cert
can have a
Ø Hypothetically, what if i have TWO key pairs (PubKey1, PrivKey1, PubKey2,
PrivKey2). First thing
Ø i do is move PrivKey1 to another place. Is there a way where I can use
PubKey1 to make the CSR
Ø (Without access to PrivKey1), but sign it with PrivKey2 to preserve
integrity?
If you can "
The Certification Request has a signature field generated by running the RSA
sign operation against the fields in the request. This signature is used to
perform an RSA verify using the public key in the request. The signature must
be valid for most CAs to accept the request. The cryptographic te
I can't seem to find more detailed information on what is going on when
generating a CSR. I would like to learn more in detail how the private key
is used to create a CSR beside just matching the public key.
When generate a CSR using OpenSSL you have two options:
1) Generate a Private key when