A private key is generated on your server when you generate your CSR. On Windows servers the private key is contained in the 'Pending Request'. As the name implies, the private key is indeed private and therefore should never be publicly available. You must use the exact same private key with your certificate when you install the certificate files we issue to you. If the private key is deleted or lost then the certificate will not work.

Private Keys are not easily viewed simply because they need to remain secure. They exist for the most part in an encrypted state within the registry of the Operating System. However, if specified at the time of key pair generation, it is possible to export a Private Key as a data file for backup purposes. Like any cryptographic key, Private Keys are simply long, random numbers.

When you generate your Digital Certificate's private key at collection time, the software you use (such as your browser) will probably ask you for a password. This password protects access to your private key. For Internet Explorer users, your private key is normally protected by your Windows password. i. having access to the file your key is stored in (which is usually part of your system's configuration information) and ii. Knowing your private password.

First check your backups and see if you can re-install the "private key". If you don't know how to re-install the key from your backups, then contact your systems administrator. Failing that, contact your web server software vendor for technical support. The only alternative course of action available is to reissue an SSL certificate following the re-submitting of a replacement CSR.

Your private key is encrypted using that passphrase. Each time your private key is needed, you have to type your passphrase to temporary unlock your private key.

If you want to use your private key on public PCs, we strongly recommend you not to install the private key there. Instead, put your private key on your CU Link. You can then send/read secure e-mail on those PCs while your private key will never leave your CU Link.

There is no way to recover your private key from either your Digital Certificate or your public key. That is why private key is so important that you must take precautions against losing it accidentally or due to hard disk corruption, virus infection, etc. If you lose your private key, you cannot sign digital signature, nor read messages encrypted with your public key. If you selected the Basic (Default) Option during certificate application, your private key was generated and backed up by ITSC.

appropriately trusted program on your computer or server or cryptographic hardware device usually generates a pair of keys. The public key will be submitted to IDRBT CA along with the request for a digital certificate.

Protect your computer from unauthorised access by keeping it physically secure. Use access control products or operating system protection features (such as a system password). Take measures to protect your computer from viruses, because a virus may be able to attack a private key. Always chose to protect your private key with a good password. See http://csrc.nist.gov/publications/nistbul/csl96-08.txt concerning private key security and http://csrc.nist.gov/publications/nistbul/csl90-08.

Your private key is typically stored in encrypted format in a Preferences or Configuration file that can only be unlocked (decrypted) using your private key password. For example, for Netscape version 3.0 for Macintosh, it is stored in the Security sub-folder of the Netscape folder (in the Mac Preferences folder) in a file named "Key Database." Different programs may store your private key in different places.

If you used a good password to protect your private key, then it is unlikely that the thief will be able to use your private key. However, you should still contact the CA that issued your certificate and request that it revoke your certificate and issue you a new one (with a new public and private key). Immediately notify your CA that your key has been compromised. It will arrange to revoke your certificate and get you a new one.

If you are an organisation, you can create an address book that contains public keys of all users and distribute the address book itself so that individual users need not distribute individually. WonderCrypt provides an easy to use export / import interface for this task. Whenever you send a signed mail or file to anyone, your public key automatically gets attached to your signed document. The recipient thus receives your public key and can install it to use it.

Firstly you should be really *really* sure you want to do this. Leaving a private key unencrypted is a major security risk. If you decide that you do have to do this check the EXAMPLES sections of the rsa(1) and dsa(1) manual pages.

Each key consists of a "private" and a "public" element, whereas the public part must/can be published; this can be accomplished by so-called key servers where you can request keys with a certain fingerprint.

No. If you have forgotten your private key password, no one can help you. You will have to generate a new set of keys and obtain a new certificate. Any secure E-mail message (S/MIME) encrypted using your public key will be effectively lost. In some cases you might also have to reinstall your E-mail software and Web browser as well.

Use WonderCrypt to create your private and public key pair. WonderCrypt will also create a Certificate Signing Request Log on to a Certificate Authority website to get a digital certificate. In this case the browser e.g. Internet Explorer will create a private key and public key pair, the browser will automatically submit your public key to the Certificate Authority for signing. You will receive back the signed public key that you will get installed in the browser automatically.

Yes. The original PIC (password) supplied by HeSA can be difficult to remember. You are able to change the PIC (password) associated with your private key by importing and exporting the private key file. To view a guideline about changing your PIC (password) for Secure Transfer (including S8 Online) operations, click here. To view information about changing your PIC (password) for Secure Email operations, go to the HeSA web site at: http://www.hesa.com.au/toolkit/faqs/passwords.htm.