I've seen the questions Is it true that certificates requested with a specific CSR can only be used on the machine where the CSR was generated?, CSR generation origin?, and Generate CSR code on local machine; I've also seen https://serverfault.com/questions/471289/must-csrs-be-generated-on-the-server-that-will-host-the-ssl-certificate - but these answers don't explain why the majority of instructions for generating CSRs insist that the generation is performed on a specific platform/machine (e.g., look at https://knowledge.rapidssl.com/support/ssl-certificate-support/index?page=content&id=SO6506 or https://nz.godaddy.com/help/windows-generate-csr-for-code-or-driver-signing-certificate-7282, and many others). If this were, as I assume, only for convenience's sake (i.e., to use the specific instructions/tools available on a platform), it'd be understandable - but, e.g., the GoDaddy instructions (one of the links above) explicitly say, for a signing certificate, "It's important that you generate the CSR from your local machine and not from the web server you're using to host the file" - why would that matter?
As far as I understand, all that matters is possession of the private key. So - are these platform/box-specific instructions just for convenience's sake and to ensure the security of the private key is not compromised while moving it between machines?

Sasha
    I think you are misinterpreting the instructions from GoDaddy. These instructions refer to a code signing certificate and not a web server certificate. And of course you should not put the private key used for signing your code on the web server where you host the signed file for download but instead sign the code locally on your machine and keep the key only there. – Steffen Ullrich Apr 22 '17 at 04:23
  • I understand the difference in purpose between signing and SSL/TLS certificates. The GoDaddy instruction that I referred to is indeed for signing - but whether I require a signing or an SSL certificate, there is no need, as far as I can see, for the CSR to be generated on the machine that will use the private key for signing. It could be generated anywhere and then imported into whatever keystore is on the machine that will use it. So my question still stands. – Sasha Apr 22 '17 at 05:38
  • Hi Steffen; just to clarify - yes, of course you'd not want to keep the private key anywhere other than on the machine that will use it, but this does not mean the key and the CSR have to be generated on that machine. So I guess the intention behind the GoDaddy instruction can be interpreted in the way you suggest. But I'd rather all these CAs explicitly said "Generate the CSR in whatever way you want and on any platform and host, but make sure the private key is securely moved to and kept on the host that will use it. And install the certificate on that host if needed". That would remove the "magic". – Sasha Apr 22 '17 at 05:58
  • I think there are "power users" who understand the concepts and know not to use the private key in the wrong place. These users usually know how to generate a CSR anyway and do not need the instructions. And then there is the average user who has no understanding of the concepts. The instructions are targeted at these users and try to make it simple for them, and the simplest case is to generate and keep the private key at the machine where it is actually needed. Telling them that it could be done otherwise, and why and how, is just too confusing for them and likely leads to more problems. – Steffen Ullrich Apr 22 '17 at 06:03
  • Thanks, Steffen. I guess this is indeed the case. Too bad that in cases where certificates are needed in high-availability clustered environments, such instructions could lead people to believe they need a different CSR and a different certificate and private key for each load balancer (if that's where SSL is terminated) and host (which may need it for both SSL and signing) in the cluster. – Sasha Apr 22 '17 at 06:59
  • That might be an unintended but positive side effect from the perspective of the CA selling the certificates. But maybe administrators who manage such higher-value systems should also have a deeper knowledge of what a CSR, private key etc. are, and especially how to minimize the risk when the same private key is used on multiple systems. – Steffen Ullrich Apr 22 '17 at 07:13

2 Answers

Generating a CSR is not platform specific; it's true, as you say, that you only need the private key, and the private key isn't tied to a specific machine.

However, especially in a beginner's tutorial, there are a couple of reasons why this advice can be sensible:

  1. It limits the private key to just the machine that will use it. You won't have copies of the key lying around in machines that shouldn't have them, which can become another avenue of key leaks.

  2. It increases the likelihood that you'll be generating the key in the right format for the software that's going to use it. If you have openssl on the server, the key generation tool from openssl will generate PEM files instead of PKCS#12. While it's not too difficult to convert between formats, this reduces friction for less knowledgeable users.

Telling people to generate keys at the place where they are going to be used achieves these goals while being fairly simple for less knowledgeable customers to follow, and produces good security for them.

Lie Ryan
  • Thanks; this covers that case. I wish I could also accept as an answer comments Steffen and John have made, as all point in the same direction. – Sasha Apr 23 '17 at 19:44

A CSR is just a signing request; as long as you have the private key used for the CSR, the signed certificate you get via that CSR and the key can be used anywhere, on any machine.

By telling users to do all of those things on the same machine, they are less prone to use the wrong combination of keys and certs, which means fewer support calls for the CA.

John Keates
  • Thanks, John; I understand that - the links from this site and from serverfault that I referred to in my question confirm this. I was just wondering whether the reason for the instructions on RapidSSL, DigiCert, GoDaddy and many others that talk about generating CSRs on the platform/host where they will be used is just convenience and the security of the private key. – Sasha Apr 22 '17 at 05:41
  • It's for people that don't know how servers, PKI or anything else works. This way, the key will always remain on the server where they end up installing the cert, so in theory it will work better for people with less knowledge, thus lightening the load on the CA's call centers for support. – John Keates Apr 23 '17 at 12:17
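Both answers rest on the same two facts: the CSR carries only the public key and subject, so a key pair generated on one host works anywhere its private key is later kept, and the thing that actually goes wrong in practice is pairing a certificate with the wrong private key. The following script is an added example, not code from the question or either answer: it generates the key and CSR in one directory standing in for an admin workstation, issues a certificate (self-signed here as a stand-in for the CA), copies key and certificate to a second directory standing in for the server, and then checks the pairing there with only the two files. The directory names, the subject `example.test` and the `key_matches_cert` helper are constructed for the example.

```shell
#!/bin/sh
# Added example (not from the original Q&A). Simulates "generate the CSR on the
# workstation, use the key and certificate on the server" and verifies the pairing.
set -eu

WORK=$(mktemp -d)
WORKSTATION="$WORK/workstation"   # where the CSR is generated (constructed)
SERVER="$WORK/server"             # where key and cert are actually used (constructed)
mkdir -p "$WORKSTATION" "$SERVER"

# 1. Key and CSR on the workstation. The CSR contains the public key and the
#    requested subject only; nothing in it identifies the generating host.
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
    -out "$WORKSTATION/server.key" 2>/dev/null
openssl req -new -key "$WORKSTATION/server.key" -subj "/CN=example.test" \
    -out "$WORKSTATION/server.csr"

# 2. Self-signed issuance stands in for the CA signing the CSR (constructed).
openssl x509 -req -in "$WORKSTATION/server.csr" -signkey "$WORKSTATION/server.key" \
    -days 1 -out "$WORKSTATION/server.crt" 2>/dev/null

# 3. Move private key and certificate to the machine that will use them.
cp "$WORKSTATION/server.key" "$WORKSTATION/server.crt" "$SERVER/"

# Compare the public key embedded in a certificate with the public key derived
# from a private key; prints "match" or "mismatch". This is the check that
# catches the "wrong combination of keys and certs" case on the target host.
key_matches_cert() {
    key_pub=$(openssl pkey -in "$1" -pubout -outform DER 2>/dev/null | openssl sha256)
    crt_pub=$(openssl x509 -in "$2" -pubkey -noout \
        | openssl pkey -pubin -outform DER 2>/dev/null | openssl sha256)
    if [ "$key_pub" = "$crt_pub" ]; then echo match; else echo mismatch; fi
}

# An unrelated key (constructed) to exercise the negative case.
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
    -out "$SERVER/other.key" 2>/dev/null

key_matches_cert "$SERVER/server.key" "$SERVER/server.crt"   # match
key_matches_cert "$SERVER/other.key"  "$SERVER/server.crt"   # mismatch
```

The same `key_matches_cert` check works on a PKCS#12-exported key after `openssl pkcs12 -nodes -nocerts` extracts it to PEM, which is the format conversion the first answer mentions.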