Flow for purchasing an SSL Certificate

security ssl ssl-certificate openssl amazon-ec2

Solution 1:

CSR stands for Certificate Signing Request, and you've pretty much got it.

The CSR is just for throwing at the Certificate Authority; it contains your public certificate, but not in a form that's useful for anything other than sending to get it signed.

They'll sign it and send back your public certificate file, which will be .pem or .crt. That will be the public certificate sent out to each client system that requests a page. It will contain the info you've defined in that page (CN and organization details) as well as the stuff that they add from the CA (where clients can get the parent cert, certificate revocation list locations, allowed usages of the certificate, etc).

The .key is the private key for the certificate, in its final form. You'll feed that to the web server as the private key, and it's used for decryption of data sent in by clients, encryption of data sent to clients, and signing of data for authentication.

Related

Minimum access rights for generating schema creation scripts
Transitioning from Finance to IT careers - degree required? [closed]
Online EXT4 on LVM resize
How to stop backscatter email spam
Proper permissions for two developer team on PHP5 Apache Linux server
What can I do with an IP address of a visitor that tried to access a shell exploit that was planted on my system?
dig: "Transfer failed."
Enable Remote Login (SSH) without GUI on a Mac
When is it appropriate to run chkdsk?
How to convert a postgres database to sqlite
RAID1 performance with madam
Vmware memory usage shows differently from linux