Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Today is friday and I'm a desperate sysadmin. I issued a demand of certificate for an HTTPS server, and just received it after more than a long week of waiting, but while my request was processed I lost the passphrase that secured my private key.
Given that I have the private key and the public key jointly generated with the passphrase (that I knew by the time), could there be a clever way to recover the lost passphrase.
Thanks in advance.
Not really. The point of these protection is precisely to make it infeasible to recover the password.
If the password wasn't too long, you might try brute force...
Your best option is probably to contact your CA and ask them to re-issue a certificate with a new CSR. Some might allow re-keying without an extra fee during the certificate validity period.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 years ago.
Improve this question
I've set up a TLS server in Go using a custom generated certificate/key pair. Is there an easy way for me to test that the content of my HTTP requests to this server is indeed encrypted when it gets sent out over the network? For my own sanity I'd like to compare and contrast the content of the packets when I use TLS vs normal HTTP.
You can use a sniffer, here are two: Charles Proxy, it has a 30 day free trial period and is easy to use. Or WireShark, it is free and you will hate using it.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 8 years ago.
Improve this question
What is the point of allowing ssh-keygen to generate empty passphrase keys when it is not recommended to use such keys for remote login? What situations would such keys be useful for?
The passphrase protects the key in its storage on your local computer.
Even without a passphrase, a key is still better than a password, as it can only be "stolen" if someone has physical access to your computer (or at least some kind of network access to the files on your computer), whereas a password can be brute-forced (or leaked from any number of places in case you re-use passwords).
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Improve this question
I would like to know if the public key depends on the used account. In other words, do I really have to use the same account on the server and the client when I add my public key (id_rsa.pub) in authorized_keys on the server?
Thanks.
The accounts don't matter. All that matters is that the client key is in the server account's authorized_keys file.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I have a simple question that I should know but I just want to make sure.
I want to buy an ssl certificate but when I called them up to order it they asked me if I wanted the certificate for "example.ca" or "www.example.ca". Not wanting to make a mistake I decided to get clarification from the experts here.
I had not expected this type of question for I believed that they were both virtually identical but after being asked this question I would also like to know in terms of programming if there should be anything else I should know about the difference between the two.
Thanks everyone
Get the certificate issued for www.example.ca, but make sure the vendor will issue you a certificate that includes the base example.ca domain name as a subject alt name. I know that GoDaddy's certificates do this, but you can check with other vendors as they probably do the same. Do not pay the extra cash for a SAN (Subject Alt Name) certificates. These are meant for people trying to protect multiple distinct hostnames (e.g. www.example.ca, www.otherexample.ca).
In terms of programming, some servers may require a separate IP address for each subdomain, so www.example.ca would be different from shop.example.ca.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
i was in the process of installing a new ssl certificate via plesk and deleted it, i forgot to save the private key that was generated with the csr that was used to issue the certificate. does that mean i now have to generate a new csr, and have the certificate provider re-issue a new one?
Yes, you'd need to start over. Certificate Authorities usually offer a second (backup) try for free (for cases like yours).