Solved

crt and csr file stolen

Posted on 2014-04-16
2
497 Views
Last Modified: 2014-04-22
Question:

If a .csr and a .crt are both stolen, is this a security risk?  If so, why.
0
Comment
Question by:NYGiantsFan
2 Comments
 
LVL 33

Accepted Solution

by:
Dave Howe earned 500 total points
ID: 40005639
No.

A CSR is just an unsigned CRT (you send the CSR to a CA, get back a CRT)

a CRT is just a cert - you send it to everyone who connects to your site, each and every time. Hence, stealing it would be a waste of time.

it is the private key (usually in a PFX file) you need to be protective of.
0
 

Author Closing Comment

by:NYGiantsFan
ID: 40014926
Thanks!  That is what I thought, however needed the second set of eyes to sleep at night.
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

One of the biggest threats in the cyber realm pertains to advanced persistent threats (APTs). This paper is a compare and contrast of Russian and Chinese APT's.
This article outlines the process to identify and resolve account lockout in an Active Directory environment.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

803 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question