Is it safe to email SSL certificates? [closed]
https://stackoverflow.com//questions/21050357
-
22-12-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
When I purchase SSL certificates, I submit the CSR securely through the vendor's website. The vendor then emails me the certificate that I need to install on my server.
Is it safe to email the certificate like that? For example, if someone intercepted the email with my certificate, could they compromise/decrypt my SSL?
If so, what's the safest way to get the certificate from my vendor on to my server?
Solution
Yes, it's safe. You need to protect the private key that corresponds to the public key in the certificate.
The certificate is public; when you install it, it will be sent to everyone that connects as part of the process to authenticate your server.
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
