• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 544
  • Last Modified:

crt and csr file stolen

Question:

If a .csr and a .crt are both stolen, is this a security risk?  If so, why.
0
NYGiantsFan
Asked:
NYGiantsFan
1 Solution
 
Dave HoweSoftware and Hardware EngineerCommented:
No.

A CSR is just an unsigned CRT (you send the CSR to a CA, get back a CRT)

a CRT is just a cert - you send it to everyone who connects to your site, each and every time. Hence, stealing it would be a waste of time.

it is the private key (usually in a PFX file) you need to be protective of.
0
 
NYGiantsFanAuthor Commented:
Thanks!  That is what I thought, however needed the second set of eyes to sleep at night.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now