What is a Private Key?
A Private Key is one part of a pair of keys used for text encryption and decryption, the other being the public key (the SSL/TLS certificate). With SSL/TLS certificates, incoming and outgoing information goes through the public key and is encrypted into nonsensical code. The public key is accessible publicly as there is no risk of data breach; the public key simply encrypts incoming information and cannot do anything with such information alone. The Private Key, located on the server, decrypts that incoming information into readable text. The Private Key is located on the server and is not accessible by anyone except those with server access.
For more information on Private Keys, click here.
How do I find my Private Key?
The Private Key is always generated alongside the CSR as a pair. The exact location of your Private Key depends on the server it was generated on.
Most server types and tools:
Upon generating a CSR, the Private Key will be located in the same directory as the CSR.
Microsoft Server IIS:
Upon generating a CSR and Private Key pair on IIS, the CSR is provided to you in PEM format and the Private Key is stored in the Keystore. The Keystore is inaccessible by the system user, so the Private Key cannot be simply accessed in this case. However, this is generally not necessary as installing an SSL Certificate on IIS automatically pairs it with its matching Private Key. However, if you do need to access the Private Key, simply create a .p7b file out of your SSL Certificate and CA Bundle, install it on IIS, then export as .pfx to have access to the Private Key.
I lost my Private Key, what now?
Not a problem, all SSL Certificates sold by Trustico® include unlimited issuance insurance – meaning you can reissue your SSL Certificate with a new CSR at any time, free of charge!