Is the generated certificate password protected?


#1

I have generated a certificate with certbot. Is it password protected?


#2

Hi @minas1,

The certificate generated by Certbot and used by your webserver is not password protected - it only contains non-secret material and can be shared widely :slight_smile:

The private key generated by Certbot that goes alongside the certificate is also not password protected. It is protected only by filesystem permissions and shouldn’t be shared.

You might wonder why the private key doesn’t have a password on it - the answer is that your webserver and any other software that needs to use the private key would have to ask you for the password first when it was started up, or restarted. I’m not aware of any webserver software that supports that. It would also make automation very difficult and that’s a primary goal for Let’s Encrypt and Certbot.

Hope that answers your question!


#3

It does.

Thank you very much!


#4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.