What is a Private Key?
A private key is a piece of code created alongside your Certificate Signing Request (CSR).
These are generated on your server or other generation tool.
After that, CSR is then used to create your SSL Certificate, otherwise known as the public key.
These keys work together to encrypt and decrypt information.
Moreover, where the public key encrypts information sent to your server by a client, the private key decrypts that information back into readable text which only you can view.
Most importantly, your private key should be closely guarded; only viewable and accessible by yourself and/or those performing SSL/TLS certificate installation on your server.
If you cannot locate your private key, it is best to reissue (or ‘re-key’) your SSL/TLS certificate with a new public/private key pair by generating a new CSR on your server.
However, if you cannot generate a CSR and private key on your server, you can use Trustico’s free CSR / private key generation tool at the below link:
tools.trustico.com/ssl-generator.php
What does it look like?
The private key is a text file (.key); an encoded piece of data which will have multiple lines of random text and symbols.
Furthermore, it will contain the header “—–BEGIN RSA PRIVATE KEY—–” and footer “—–END RSA PRIVATE KEY—–“ such as in the mock example below:
—-BEGIN RSA PRIVATE KEY—– MA25r4SDFASDknasdASDFmad3sfASDFAd(4asdfadf)ASDfasdfdj35kksdfcgdghdfghdfghdghhsdasdfgfgfdsgksdfcgdghdfghdfghdghhsdasdfgfg5r4SDFASDknasdASDFmad3sfASDFAd(4asdfadf)ASDfasdfdj35kksdfcgdghdfghdfghdghhs52141dasdfgfgfdsgksdfcgd=ghdfghdfghdghhsdasdfgfgDfasdfdj35kksdASDFmad3sfASDFAd(4asdfadf)ASDfasdfdj35kksdMASDknasdAd(4asdfadf)ASDfasdfdj35kksdASDFmad3sfASDFAd(MA25r4SDFASD=knasdASDFmad3sfASDF243455Ad(4asdfadf)ASDfasdfdj35kksdfcgdghdfghdfghdghhsdasdfgfgfdsgksdfcgdghdfghdfghdghhsdasdfgfg5r4SDFASDknasdASDFmad3sfASDFAd(4asdfadf)ASDfasdfdj35kksdfcgdghdfgh=hdghhsdasdfgfgfdsgksdfcgdghdfghdf4234ghdghhsdasdfgfgDfasdfdj35kksdASDFmad3sfASDFAd(4asdfadf)ASDfasdfdj35kksdMASD=knasdAd(4asdfadf)ASDfasdfdj35kksdA2134SDFmad3sfASDFAd(MA25r4SDFASDknasdASDFmad3sfASDFAd(4asdfadf)ASDfasdfdj35kksdfcgdghdfghdfghdghhsdasdfgfgfdsgksdfcgdghdfghdfghdghhsdasdfgfg5r4SDFASDknasdASDFmad3sfASDFAd(4=
—–END RSA PRIVATE KEY—–
This code usually won’t be viewed by yourself when creating the CSR.
Instead, it will be created in the background separately by your server which will automatically save it in the server filesystem.
While installing your SSL Certificate onto your server the corresponding private key will typically be automatically matched; though not all servers function this way.
If your SSL certificate needs to be installed onto a server different from the one the CSR and private key were generated on, you will need to locate the private key for exporting.
For more information on locating your Private Key, check out my post below:
blog.trustico.com/resources/trustico-blog-how-to-guides/how-to-find-rsa-private-key.php
More on the Private Key
The private key is one part of a pair of keys used for text encryption and decryption, the other being the public key (the SSL/TLS certificate).
Incoming information goes through the public key and is encrypted into nonsensical code.
Then, the private key decrypts that information into its original, readable text.
The public key is viewable and accessible publicly as there is no risk of data breach.
This is because the public key simply encrypts incoming information and cannot do anything with such information alone.
That is to say, since only the private key can decrypt the information provided by the public key, it is then useless on its own.
Hence, it is located on the server; only accessible by those with server access.
Mitchell has a Bachelor of Arts with Majors in Journalism and Foreign Relations; and a Diploma of Digital Design.