Can someone help me understand the step-by-step process of CSR signature verification by a Certificate Authority?

  1. Are the contents of the CSR hashed and signed by the server's private key?
  2. Is the CSR encrypted?
  3. Is the CSR transported in clear text to the CA to re-hash and verify the contents?
  4. How does the CA verify the hash of the signed CSR?

An explanation of the step-by-step process would be greatly appreciated.

1 Answer

Are the contents of the CSR hashed and signed by the server's private key?

Yes

Is the CSR encrypted?

No

Is the CSR transported in clear text to the CA to re-hash and verify the contents?

Yes

How does the CA verify the hash of the signed CSR?

The CSR is signed with the server's private key. To verify the signature the server's public key is needed. This key is contained in the CSR. Note that this signature only proves that the creator of the CSR has access to the private key matching the public key in the certificate - it does not provide any proof of ownership of a domain or similar.

Steffen Ullrich
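The verification described in the answer above, as an added example that is not part of the original post: the requester signs the CSR body, and the CA checks that signature using the public key carried inside the same CSR. It assumes the Python `cryptography` package, an RSA key with SHA-256, and a constructed name `www.example.test`; the function names `make_csr`, `ca_verify` and `demo` are hypothetical.

```python
from cryptography import x509
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.x509.oid import NameOID


def make_csr(key, common_name):
    """Requester side: build the CSR body and sign it with the private key."""
    subject = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, common_name)])
    csr = x509.CertificateSigningRequestBuilder().subject_name(subject).sign(
        key, hashes.SHA256())
    return csr.public_bytes(serialization.Encoding.DER)  # encoded, not encrypted


def ca_verify(csr_der):
    """CA side: check the self-signature with the public key inside the CSR."""
    csr = x509.load_der_x509_csr(csr_der)
    try:
        # verify() re-hashes the signed portion (CertificationRequestInfo) and
        # checks the result against the RSA PKCS#1 v1.5 signature.
        csr.public_key().verify(
            csr.signature,
            csr.tbs_certrequest_bytes,
            padding.PKCS1v15(),
            csr.signature_hash_algorithm,
        )
    except InvalidSignature:
        return False, None
    cn = csr.subject.get_attributes_for_oid(NameOID.COMMON_NAME)[0].value
    return True, cn


def demo():
    key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    der = make_csr(key, "www.example.test")  # constructed sample name
    readable = b"www.example.test" in der    # subject is visible in the clear
    genuine = ca_verify(der)
    # Same-length change to the subject after signing: the hash no longer matches.
    modified = ca_verify(der.replace(b"www.example.test", b"www.example.tesx"))
    # A different key pair requesting the same name still verifies, so the CA
    # has to validate control of the name by separate means.
    other_key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    unrelated = ca_verify(make_csr(other_key, "www.example.test"))
    return readable, genuine, modified, unrelated


if __name__ == "__main__":
    print(demo())
```
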