Garry Shape
asked on
Is p7b downloaded a compromise of SSL certs?
Is certificate compromised if someone downloads the p7b file of the certificate? For example if they login to your godaddy or digicert and get the p7b file downloaded, does that jeopardize all the websites that the SSL certificate within was installed on?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks so similarly if we wanted to move the certificate to a different server would you have to buy a whole new one!? Or re-request
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
P7B is only a format with certificate and intermediate certificates, and the certificate is without the private key. The private key is created on the computer where request is made. When installing the digicert certificate on that computer, it will pair private key with certificate. If the certificate is installed on another computer - without private key, it's useless.
to be able to sign og decrypt traffic, you need the private key,
Certificate with private key, can be exported from a server where both elements are located, and loosing track of that export - is a security compromise. The exported certificate is either .pfx format - or .pem format (with key and certificate in separate files)