Receiving an SSL certificate for your website is truly exciting but installing it may involve some challenges. You may take time in corresponding to the private key. First you must know the basic definition of the private key. With SSL certificate, you get two keys, the public key and private key. Public key is encrypted within your SSL certificate. To find your private key, you have to get it generated on your server and it is kept secret. While making the private key, you must make sure that you make it unique and no one matches it.
How to the keys function?
An easy way to understand about private keys is by use of the analogy of a bank. Below I am giving a small example that can help you understand better.
You can consider your wallet like your online banking account. In this case, your private key is the login for the account. The private key enables you to spend your money as you like and whenever you find. You must make sure that no one is able to find your private key as private key is the access to your wallet (login).
For keeping your online banking information safe, you must keep your private keys safe. Else, anyone with the keys can “login” (access) your “account” (wallet) and take all your money from the bank account.
The main function of the public key is to encrypt all the information sent from a browser to a website server. This information gets decrypted on the server side with the Private Key. Both the keys work on keeping the communication secure and the pair is only successful when both are functioning. In fact, one key will not work without the other.
How the keys work?
To explain the working of keys, let me give you example. When a visitor fills information on the website which is secured, all the information is submitted to the server. All the information is encrypted and public key protects it from eavesdropping. It remains in server until it is decrypted by the private key and passed over for further processing. To make sure that transmitted message cannot be decrypted by any scammer or hacker, the pair of keys must be unique and non-forgeable.
How do I get the Private key in the first place?
After receiving SSL certificate, your first task is to find your private key. The Private Key is generated with your Certificate Signing Request (CSR). Just after the activation of your certificate, the CSR is submitted to the Certificate Authority. You will need your private key for Certificate installation and it is essential to keep private key safe and secret on your device or your server.
If you are not sure how to find your private key provided by the Extended Validation SSL Certificate then you generate a CSR on your server. You can find your private key on a designated location. You are required to go through the early steps involved in creating a new CSR to find the correct directory. After this step, it is simple and matter of navigating to it.
It is important to mention here that all Certificates except Multi-Domains support Private Key generation in your browser. At the time of SSL activation, the key is always saved but you will not get this information. If you are using in-browser automatic generation method, it is extremely important for you to keep your private key safe. In case you lose your private key file, you will have to re-issue your certificate.
What if I lose my private key?
It is a tedious effort to find your private key in case you lose it. You can generate a new private key and CSR (certificate signing request), or use the automatic CSR and key generation during Certificate reissue. The domain name, public key and additional contact information is present in CSR. For validation process, the CSR is to be sent to the certificate authority just after signing in and after the certificate activation. Note that the option for generating a new private key is not available for Multi Domains but can be used for all certificates.
Sometimes, you can avoid the hassle of generating the new private key. If your domain name is hosted on an IIS (Microsoft Internet Information Services) environment, you can follow simple steps to restore it. The instruction manual that is provided by Certificate Authority such as Comodo, you can follow instructions that can help you restore your private key.
In case you are using WHM with root access and CSR code has been generated there then there is simple way that can help you find your private key. The RSA Private Key should be fetched during DV SSL Certificates installation. You are required to follow simple step of pasting the domain name and use “fetch” option which will automatically fill in a corresponding box. Another simple way is to ask your webhosting provider or server admin for assistance. It is worthy to mention here that prior to the installation of your reissued certificate; you must make ensure that old one is completely removed from the server.
What does the Private Key look like?
Private key is like a block of encoded data. It may have headers at start or end. They begin like BEGIN RSA PRIVATE KEY—– and —–END RSA PRIVATE KEY—–.
At the time of generation of CSR, the code may not be visible to you. It is mostly obvious that code gets generated in the background with the CSR. The code is automatically saved on your server. It is quite possible that system fills the corresponding field automatically. This is usually done at the time of installation of your certificate. Most of the time, the installation is done on cPanel.
The way the whole process of installation works depend on the type of your web server, control panel, or any other tools used for CSR generation. You can select the one that is most suitable to your system.