19 Feb
2017
19 Feb
'17
8:24 a.m.
On 2/17/17 1:38 PM, chaouche yacine wrote:
Seems wrong to me too, Robert. If you put your private key inside your certificate, won't it be sent to the client along with it ?
No; any SSL software that uses the file will extract the parts it needs from it and convert them to its internal format for future use. It never literally sends the file contents anywhere.
It's common and often recommended for a PEM file to contain everything needed; see, for example, the bottom section of:
https://www.digicert.com/ssl-support/pem-ssl-creation.htm
Doing this avoids the key and certificate files getting out of sync later.
-- Robert L Mathews, Tiger Technologies, http://www.tigertech.net/