For people developing crypto software (or those learning more about crypto in general), it can be extremely helpful to be able to view the structure of private keys. It provides a concrete connection between theoretical and practical crypto. I hate black boxes. 
2 Likes
In a development environment you can do a lot of things that would be unthinkable in production.
So, of course, yeah: you can see a private key, but you shouldn’t see the private key. 
4 Likes
Exactly. 
It’s a bit like studying cadavers. The subject is already dead. Attempting to revive the subject after the autopsy is a terrible idea.
2 Likes
@freessltools.com is your tool open source? Because if I can integrate this directly into my website then that would be awesome. L
2 Likes
@freessltools.com thanks for your reply. @_az on infinityfree I just tried issuing a certificate so that I can tell the steps here and hoping someone will help me with that.
- I enter my domain w/o www.
- It shows me two CNAME records as below
_acme-challenge => <somerandom_alphanum>_acme.infinityfree.net
And
_acme-challenge.www => <somerandom_alphanum>_acme.infinityfree.net
- I enter those CNAME in my cPanel and wait for verification. Once it’s ready I can request for SSL cert.
- It shows my private key and cert key which I should enter in cpanel and redirect HTTP to HTTPS.
Now what I want is I want to replicate this system.
Even if the infinityfree.net here
<somerandom_alphanum>_acme.infinityfree.net
is changed I don’t have any prob.
Thanks!!!
2 Likes
You should be generating your private key and certificate signing request (CSR) on the server where the certificate will be installed. That way your private key never leaves the server. This can be accomplished via openssl and can be easily (and generically) scripted:
- openssl genrsa -out private.key 4096
- openssl req -new -key private.key -out your.csr
Be sure that private.key ends up where you need it on your server. The other option is just to generate the private key and CSR in the corresponding pages of SSL in cPanel, which will automatically put things where they belong.
You then either:
- Configure a Let’s Encrypt acme client elsewhere (e.g. certbot)
OR - Use a free online Let’s Encrypt acme client like the one at my website that ONLY requires your CSR (AND NOT YOUR PRIVATE KEY)
Critical: You should never trust any online site or other untrusted method to generate your private keys when constructing a CSR because you have zero security by doing so.
3 Likes
Yeah I understand that. But is there any way to generate certs using domain name instead of CSR. If there is a way to generate the cert with domain name that would be great. Or else I should go with CSR method.
2 Likes
@Sarveshmrao Let’s Encrypt technically requires a CSR in the communication with the ACME server. However, most local clients (like certbot or acme.sh) generate this CSR for you internally without you ever knowing about it.
You might want to take a closer look at acme.sh, an all-Bash script which can do DNS challenges and has a cPanel API deploy script. Not sure if an Infinity Free DNS script exists though.
2 Likes
@Osiris thanks for your answer now I understood. Also I think in infinityfree the tool asks for domain name and generates the CSR and private key itself. (Maybe using something like openssl)
I have some questions now.
-
Is there any limit for getting SSL certs for an organisation. If so, what’s the limit?
-
Can I put my hosting company name as org name and get certs for my clients w/o asking them?
-
Is there any limit for getting SSL certs for an email. If so, what’s the limit.
Then to @freessltools.com,
-
Does the value change in the second step when I resubmit the same CSR?
-
What to do for www? Can I just add .www to the _acme-challenge with the same value?
-
I really really need the source code or some kind of API for your tool because your tool solves everything.
Thanks!
2 Likes
- You don't want to resubmit the same CSR when getting different certificates (e.g. when trying to renew) because you want to have a new public key in the CSR (by generating a new private key before/during generation of the CSR). I can tell you having deconstructed hundreds of CSRs on the byte-level that they do not contain timestamps, nonces, or any other changing data, so unless some details about your domain itself change (e.g. new company name), the only thing that will vary inside the CSR is the public key.
Not exactly. If you are certifying example.com and www.example.com, you would need a separate challenge value for each. Personally I just do example.com and *.example.com where each has a separate DNS value, but both use _acme-challenge as the host/name.
My code is proprietary and still under development. I can direct you to a fantastic resource at https://gethttpsforfree.com that performs the entire acme cert process client-side in Javascript! It takes quite a bit of study, but it's all there complete in one place just by viewing the source and with comments and explanations too.
2 Likes
You'll see that pretty much all of these are based around domain names (so if you're getting certificates for hosting clients who have their own domains, you shouldn't run into trouble here).
The organization name in the certificate isn't used at all by Let's Encrypt.
If your clients' domains have A records pointed at your server, you can get certificates for them without asking. (Under the Let's Encrypt terms of service, you have to believe that the domain owner wants you to do this. — That's just an informal summary of the concept.)
Did you mean e-mail certificates (whose subject is an e-mail address), or certificates requested by a single Let's Encrypt account?
For the first case, Let's Encrypt doesn't issue this type of certificate at all.
For the second case, it's described in the rate limits document I linked above, and you will probably not hit the limits. 
3 Likes
This is usually true for most Let's Encrypt users, but it isn't a policy requirement from the CA and you occasionally find users who want to do it the other way around (keeping the same subject key). That is fine from Let's Encrypt's and industry standards' point of view, although it isn't the default behavior of clients like Certbot.
There was more interest in reusing subject keys when HPKP was implemented in browsers
but nowadays I suppose it's mostly used by embedded devices with very limited software support.
4 Likes
Interesting. So much of which I am unaware. I am mostly concerned with forward secrecy. If a private key gets compromised at least only a bit of damage might occur if it’s short-lived. Honestly though, for RSA it’s only the modulus (n) that usually changes anyhow. Should just be an update routine to change the modulus rather than issue everything anew.
1 Like
That’s a good traditional reason for rotating keys, but fortunately most TLS sessions nowadays are also preferring ciphersuites with Diffie-Hellman key exchanges where the session key can’t be reconstructed from the long-lived private key.
4 Likes
You generate a private key (an account key) then extract the public key from it and use that. You need to use that private key to sign the data for each step. This private key is NOT the one for the certificate. It is a key you reuse for your Let’s Encrypt account.
I will warn you that the site I recommended is not fast or easy to use, but it is complete and super educational.
2 Likes
True. DH does solve the longevity issue. Hopefully it doesn’t falter anytime soon. 
2 Likes
@freessltools.com
What I say resubmit is like let the user continue after seeing DNS records.
Like first generate the CSR then show DNS records then stop that and once the user sets records again continue and validate the records.
2 Likes
Ah. You’re speaking of validating the challenge has been met after adding the records. Between you and me, the CSR is actually submitted to Let’s Encrypt AFTER the challenge has been verified during the finalization process for the certificate order. The only reason most acme clients have you submit it at the beginning is to extract the common name (CN) and Subject Alternative Names (SANs).
3 Likes
@freessltools.com
Then is that possible?
Like first submit the CSR and wait for verification in your site then again submit it verify because I noticed that even when submitting the same CSR the value changes.
1 Like