[isapros] Re: certificate keys

  • From: "Jerry G. Young II" <jerrygyoungii@xxxxxxxxx>
  • To: "isapros@xxxxxxxxxxxxx" <isapros@xxxxxxxxxxxxx>
  • Date: Sun, 23 Nov 2008 18:05:11 -0500

Jim,
I'm missing something, then. If the .cer file is just the public key of the certificate authority, why would you be able to view the certificate on a system where the private key didn't exist (as CSR)? For that matter, why is the CSR required if you're just getting the public key in return?
I had always thought the .cer file was the pairing of the server's private key with the certificate authority's public key? Granted, to move that certificate between servers you need to export to a .pfx file but my point is that the .cer file could be installed on the published server, after which the private certificate could be exported. 

Since Amy said she had the .cer file, that's what I was suggesting.

Cordially yours,
Jerry G. Young II
+=+ Sent via iPhone +=+

On Nov 23, 2008, at 3:14 PM, Jim Harrison <Jim@xxxxxxxxxxxx> wrote:


Actually, it won't.  The .cer file contains only the public key.
The private key is only contained in a PFX-format file.

-----Original Message-----
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx ] On Behalf Of Jerry Young 
Sent: Sunday, November 23, 2008 10:17 AM
To: isapros@xxxxxxxxxxxxx
Subject: [isapros] Re: certificate keys
The CER file will have both the public and private keys in it (since it's a compilation of the server's private key [CSR] and the certificate authority's public key). You just need to import it into the certificate store on the server the CSR for it was created.
On Sun, Nov 23, 2008 at 11:02 AM, Amy Babinchak <amy@xxxxxxxxxxxxxxxxxxxxxxxxxx > wrote:
I have the original cer file. But that doesn't do me much good. There's no .pfx file with it so I can't import with private keys. 



   I could probably ask for a rekey of the certificate.



   thanks,



   Amy Babinchak



   Harbor Computer Services | 248-850-8616



   Mobile 248-890-1794
Web http://www.harborcomputerservices.net <http://www.harborcomputerservices.net/ >
Client Blog http://smalltechnotes.blogspot.com <http://smalltechnotes.blogspot.com/ >
Tech Blog http://securesmb.harborcomputerservices.net <http://securesmb.harborcomputerservices.net/ >
Buy My House: http://www.shannonrealty.com/vassar_mls_tour.html <http://www.shannonrealty.com/vassar_mls_tour.html >
Are you an IT Pro? http://www.thirdtier.net <http://www.thirdtier.net/ >
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx ] On Behalf Of Jerry Young 
   Sent: Sunday, November 23, 2008 9:39 AM

   To: isapros@xxxxxxxxxxxxx
   Subject: [isapros] Re: certificate keys





   When does the certificate expire?
If you can't find the original PFX or CER file for the certificate, you're unfortunately not going to be able to recreate the private key for the current certificate.
What you can do, however, is renew it. During renewal, you should be able to get the private key for the new certificate that way.
On Sun, Nov 23, 2008 at 7:17 AM, Amy Babinchak <amy@xxxxxxxxxxxxxxxxxxxxxxxxxx > wrote: 

   No they aren't on this server.


   thanks,

   Amy Babinchak

   Harbor Computer Services | 248-850-8616

   Mobile 248-890-1794
Web http://www.harborcomputerservices.net <http://www.harborcomputerservices.net/ >
Client Blog http://smalltechnotes.blogspot.com <http://smalltechnotes.blogspot.com/ >
Tech Blog http://securesmb.harborcomputerservices.net <http://securesmb.harborcomputerservices.net/ > 

   Buy My House: http://www.shannonrealty.com/vassar_mls_tour.html
Are you an IT Pro? http://www.thirdtier.net <http://www.thirdtier.net/ > 



   -----Original Message-----
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx ] On Behalf Of Jim Harrison 
   Sent: Sunday, November 23, 2008 12:01 AM
   To: isapros@xxxxxxxxxxxxx

   Subject: [isapros] Re: certificate keys

   Sorry, but no.
   You don't have the original PFX file?

   -----Original Message-----
From: isapros-bounce@xxxxxxxxxxxxx [mailto:isapros-bounce@xxxxxxxxxxxxx ] On Behalf Of Amy Babinchak 
   Sent: Saturday, November 22, 2008 4:23 PM
   To: isapros@xxxxxxxxxxxxx
   Subject: [isapros] certificate keys
Is there some way to create certificate keys after a certificate has been installed? When I choose export the key isn't an option. I need to regenerate it somehow. 



   thanks,



   Amy Babinchak



   Harbor Computer Services | 248-850-8616



   Mobile 248-890-1794
Web http://www.harborcomputerservices.net <http://www.harborcomputerservices.net/ > <http://www.harborcomputerservices.net/>
Client Blog http://smalltechnotes.blogspot.com <http://smalltechnotes.blogspot.com/ > <http://smalltechnotes.blogspot.com/>
Tech Blog http://securesmb.harborcomputerservices.net <http://securesmb.harborcomputerservices.net/ > <http://securesmb.harborcomputerservices.net/>
Buy My House: http://www.shannonrealty.com/vassar_mls_tour.html <http://www.shannonrealty.com/vassar_mls_tour.html >
Are you an IT Pro? http://www.thirdtier.net <http://www.thirdtier.net/ > <http://www.thirdtier.net/> 

   Number : 2141393.
ExchangeDefender Message Security: Check Authenticity <http://www.exchangedefender.com/verify.asp?id=mAN0GfRW020944&from=amy@xxxxxxxxxxxxxxxxxxxxxxxxxx > 









   --
   Cordially yours,
   Jerry G. Young II
   Microsoft Certified Systems Engineer
ExchangeDefender Message Security: Check Authenticity <http://www.exchangedefender.com/verify.asp?id=mANFuOxU019767&from=amy@xxxxxxxxxxxxxxxxxxxxxxxxxx > 





--
Cordially yours,
Jerry G. Young II
Microsoft Certified Systems Engineer

Other related posts:

  1. Home
  2. isapros
  3. Archive
  4. 11-2008