kanchana:
hi in security chapter, why do we create client certificates for private key . it should be public key right.
i am confused.
whether certificates are created with private or public key??
Deekshith Hadil:
Certificates are created in pairs. So both should exist.
kanchana:
But only private key is sent in CSR
kanchana:
so i am confused
Deekshith Hadil:
Here is how you create a priate/public key pair.
- Create private key.
- Using private key, create CSR.
- Send this CSR to certificate provider who will sign it using CA and will send you the public key.
this is a typical process involved when you want to have a certificate for your website which shows green in browser. Here, the process is kind of same, but all these are done by our selves.
You might want to go through tls security section over and over again. It is beautifully explained here.
kanchana:
thank you will check again