[HCoop-Help] when generating an X509 cert, is it important to keep the generated key.pem file private?
Adam Chlipala
adamc at hcoop.net
Wed Dec 17 08:52:52 EST 2008
Daniel Wilkerson wrote:
> when generating an X509 cert, is it important to keep the generated
> key.pem file private?
>
That depends. If someone gets ahold of your key, he can impersonate
your web site. This only matters if you're using the "prove you're who
you say you are" aspect of SSL. Even if someone else knows your key,
SSL communication is still encrypted.
More information about the HCoop-Help
mailing list