You should have a backup copy of your keypair in a secure location (e.g. fire safe, Safe Deposit box). If not, that keypair is lost and you will have to generate a new pair and re-distribute the Public key. You can also include a pre-saved Key Revocation Certificate (KRC) with the new Public key to revoke any copies of the old Public key that other users may have.

Your private key is encrypted using that passphrase. Each time your private key is needed, you have to type your passphrase to temporary unlock your private key.

This is NOT A Good Thing!!! If someone, somehow were to get a copy of your Private key and Passphrase they could essentially act as you in regards to all electronic communications. They could read the your encrypted files and e-mails and digitally sign files and e-mails as you. If this happens you should immediately notify any and all persons with whom you communicate using that key.

Firstly you should be really *really* sure you want to do this. Leaving a private key unencrypted is a major security risk. If you decide that you do have to do this check the EXAMPLES sections of the rsa(1) and dsa(1) manual pages.

If you loose your key, please email or call us to arrange for a way for us to get your order back to you. We will charge you a $25 lost key fee. If you find the key, please let us know and we will refund $15 back to you upon receiving the found key.

A private key is generated on your server when you generate your CSR. On Windows servers the private key is contained in the 'Pending Request'. As the name implies, the private key is indeed private and therefore should never be publicly available. You must use the exact same private key with your certificate when you install the certificate files we issue to you. If the private key is deleted or lost then the certificate will not work.

For security reasons we would need to change locks and keys. Guests are fully responsible for the extra costs that inflicts.

DigiVault, security is of utmost importance. Therefore, if you misplace your 'encryption key' we will be unable to restore any of your data stored on our servers.

Note: I am not a lawyer and cannot give legal advice. See a lawyer if you need legal advice. The following is the best information I have obtained on the subject. far as United States law is concerned, a key that is written down can be subpoenaed. As for a key that is memorized, no one seems to know for sure. There is an interesting paper on this question "Self Incrimination and Cryptographic Keys" by Greg S. Sergienko, 2 RICH. J.L. & TECH. 1 (1996), http://www.urich.

TRUSTMatrix Business Edition does provide the content recovery feature. It is a feature which enabled the organization the user works in has the capability to decrypt any encryption documents without the present of the user decryption key.

Private Keys are not easily viewed simply because they need to remain secure. They exist for the most part in an encrypted state within the registry of the Operating System. However, if specified at the time of key pair generation, it is possible to export a Private Key as a data file for backup purposes. Like any cryptographic key, Private Keys are simply long, random numbers.

When you generate your Digital Certificate's private key at collection time, the software you use (such as your browser) will probably ask you for a password. This password protects access to your private key. For Internet Explorer users, your private key is normally protected by your Windows password. i. having access to the file your key is stored in (which is usually part of your system's configuration information) and ii. Knowing your private password.

HKUCA issues 1024-bit RSA private keys and public keys which are very strong cryptographically, i.e. it is practically impossible for anyone to break a 1024-bit key within the life-time of the key. You must keep your HKU Smart Card and HKU-Cert CD in a safe place.

First check your backups and see if you can re-install the "private key". If you don't know how to re-install the key from your backups, then contact your systems administrator. Failing that, contact your web server software vendor for technical support. The only alternative course of action available is to reissue an SSL certificate following the re-submitting of a replacement CSR.

If you want to use your private key on public PCs, we strongly recommend you not to install the private key there. Instead, put your private key on your CU Link. You can then send/read secure e-mail on those PCs while your private key will never leave your CU Link.

There is no way to recover your private key from either your Digital Certificate or your public key. That is why private key is so important that you must take precautions against losing it accidentally or due to hard disk corruption, virus infection, etc. If you lose your private key, you cannot sign digital signature, nor read messages encrypted with your public key. If you selected the Basic (Default) Option during certificate application, your private key was generated and backed up by ITSC.

appropriately trusted program on your computer or server or cryptographic hardware device usually generates a pair of keys. The public key will be submitted to IDRBT CA along with the request for a digital certificate.

The most painful bit. See also here. I'll describe the openssl mechanism: generate the private key (a 1024 bit key is used in this example)> openssl genrsa -out my_private_key.pem 1024 convert the private key into DER format> openssl rsa -in ./my_private_key.pem -out ./my_private_key -outform DERgenerate the certificate request using the previously generated private key> openssl req -new -key my_private_key.pem -out my_cert_req.

Protect your computer from unauthorised access by keeping it physically secure. Use access control products or operating system protection features (such as a system password). Take measures to protect your computer from viruses, because a virus may be able to attack a private key. Always chose to protect your private key with a good password. See http://csrc.nist.gov/publications/nistbul/csl96-08.txt concerning private key security and http://csrc.nist.gov/publications/nistbul/csl90-08.

Your private key is typically stored in encrypted format in a Preferences or Configuration file that can only be unlocked (decrypted) using your private key password. For example, for Netscape version 3.0 for Macintosh, it is stored in the Security sub-folder of the Netscape folder (in the Mac Preferences folder) in a file named "Key Database." Different programs may store your private key in different places.

If you used a good password to protect your private key, then it is unlikely that the thief will be able to use your private key. However, you should still contact the CA that issued your certificate and request that it revoke your certificate and issue you a new one (with a new public and private key). Immediately notify your CA that your key has been compromised. It will arrange to revoke your certificate and get you a new one.

This is a collection of the quesions people most commonly ask me. Perhaps you were wondering about these topics yourself, but "didn't want pry." I hope this page helps satisfy any lingering curiousity you may have! :)

If you are an organisation, you can create an address book that contains public keys of all users and distribute the address book itself so that individual users need not distribute individually. WonderCrypt provides an easy to use export / import interface for this task. Whenever you send a signed mail or file to anyone, your public key automatically gets attached to your signed document. The recipient thus receives your public key and can install it to use it.

If you loose it there is no possibility of restoring it and no other way to unlock your computer. So make sure you make a backup of the generated key. This special protective measure it taken for your own benefit by making it impossible for unauthorized users to unlock your computer.

If you do not remember the pass phrase entered during the original buy process, please renew your certificate here. Follow the instructions on the page. This information will help Entrust retrieve the original certificate DN information and let you access the renewal process. Please Note: Using this process will not allow you to view the original contact information that was provided for the associated order.

Post Pass phrase (transaction password) is the password to be used to carry out Funds Transfer transactions or for sending a message to your Personal Banker..