| |
Is it possible to retrieve the private key from a certificate? |
|
|
Subject: Is it possible to retrieve the private key from a certificate?
Author: X509
In response to: How to verify/validate/trust a certificate?
Posted on: 05/01/2007 08:01:55 PM
No for most cases, but maybe yes if the certificate is in form of .PEM, .pfx or .P12.
>
> On 05/01/2007 08:00:57 PM X509 wrote:
Simply two ways:
1) by checking the authenticity of the signature of the issuer: Use issuer's public key to hash the signature into two sets of hashes (take TSL for example, one from MD5 and one from SHA-1) and compare them. If there is a match, the signature is authentic, otherwise it's not. In order to get the issuer's public key, you most likely need another certificate which is issued to the first certificate's issuer. Then the question is back to how to verify/validate/trust the issuer's certificate. The answer is to use another certificate. You see it's a chain and eventually you are deemed to reach the top of the chain, the Certificate Authority (CA) certificate, which is self-signed certificate. How to trust a CA certificate, the answer is 2).
2) by heart: In GOD We Trust.
References:
|
|
|
|
