Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 529
  • Last Modified:

crt and csr file stolen

Question:

If a .csr and a .crt are both stolen, is this a security risk?  If so, why.
0
NYGiantsFan
Asked:
NYGiantsFan
1 Solution
 
Dave HoweSoftware and Hardware EngineerCommented:
No.

A CSR is just an unsigned CRT (you send the CSR to a CA, get back a CRT)

a CRT is just a cert - you send it to everyone who connects to your site, each and every time. Hence, stealing it would be a waste of time.

it is the private key (usually in a PFX file) you need to be protective of.
0
 
NYGiantsFanAuthor Commented:
Thanks!  That is what I thought, however needed the second set of eyes to sleep at night.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now