54 | | The server needs to a private key, its certificate and the CA certificate. The first step is to generate a new private key. This private key is specific to this server. To get such a needed certificate, the server needs to generate a Certificate Signing Request (CSR). This is a file which needs to be sent to your CA. The contents of this file is a public key derived from the private key. This makes it possible to encrypt information, but to decrypt you need the private key. In addition the CSR will contain hostname information, location and other information needed to identify the server. It is also a server flag set in the CSR which will later be used to differentiate servers from clients. This information is then signed using the private key. Since the public key is also attached, the CA can validate that the information haven't been modified afterwards. |
| 54 | The server needs to have a private key, its certificate and the CA certificate. The first step is to generate a new private key. This private key is specific to this server. To get such a needed certificate, the server needs to generate a Certificate Signing Request (CSR). This is a file which needs to be sent to your CA. The contents of this file is a public key derived from the private key. This makes it possible to encrypt information, but to decrypt you need the private key. In addition the CSR will contain hostname information, location and other information needed to identify the server. It is also a server flag set in the CSR which will later be used to differentiate servers from clients. This information is then signed using the private key. Since the public key is also attached, the CA can validate that the information haven't been modified afterwards. |