Question
For iphone push notifications SSL certificates, you need to provide them with CSR files...
I have saved a CSR file since some time now, and i always give upload the same CSR file, whenever i want to generate the SSL certificates...
Now i've been thinking, since when generating CSR files, i'm actually generating the private key, and probably the public key too...
So i'm wondering what disadvantages i'm facing when i'm using the same CSR file.. though when i download the SSL Certificates, they appear in the keychain as if there's multiple private keys (though they have the same name) and each is attached to a different SSL Certificate. Is it recommended to generate a new CSR file everytime? and why? and if it's not necessary, then how? thank you
Solution
Certificate Request contains the public key and you have an associated private key. So by re-using it you basically get the same key pair signed again and again.
The disadvantage is obvious - if one key gets leaked, you get all certificates compromised. This is why re-generation of key pairs each time is necessary.
https://stackoverflow.com/questions/16017600
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian