6

I have noticed that a number of different web and mail server software allow or require you to provide the TLS certificate (including server certificate, CA intermediate certificate, and CA root certificate) and private key in a single .pem file.

So, the server sends the certificate(s) to every client attempting to connect, but, of course, you want to keep your private key secure and secret. So, how does this work when they are all in the same file? Does the software know to only send the certificate parts and never send the private key, even though they are in the same file?

Thank you.

user981178
  • 455

2 Answers2

5

Does the software know to only send the certificate parts and never send the private key, even though they are in the same file?

Yes.

TessellatingHeckler
  • 5,776
0

So, the server sends the certificate(s) to every client attempting to connect, but, of course, you want to keep your private key secure and secret.

If you don't trust the software which you are providing your PEM file to, you can encrypt the key before writing it to the PEM file. This will prevent anyone from using it without the passphrase.

The OpenSSL rsa command uses the -in to designate the input file, and -out to designate the encrypted output file. You need to also pass it the cipher. A sample command looks like this:

openssl rsa -AES256 -in key.pem -out encryptedKey.pem

You will be prompted for the passphrase. Now you can append encryptedKey.pem to your public certificate PEM, and be fairly confident that it will be safe from all bu the most determined attackers.

Note that this uses the AES256 cipher. It is your responsibility to use a cipher that is modern and secure.

When you need to use that key at the command line, OpenSSL will prompt you for the passphrase. Libraries like pyOpenSSL have overridden signatures that take a cipher and passphrase for encrypting the key, and which take only a passphrase for decrypting the encrypted key.

Adam Howell
  • 101