Public and private keys


#1

Hello!
after running: certbot-auto certonly --manual
Generated:
cert.pem
chain.pem
fullchain.pem
privkey.pem

I do not quite understand where the public key and private key, which I have put on the hosting


#2

Can you provide a little detail about your hosting and webserver ? then we can probably more accurtately tell you exactly which one you need.

cert.pem contains the server certificate by itself
chain.pem contains the additional intermediate certificate or certificates that web browsers will need in order to validate the server certificate
fullchain.pem All certificates, including server certificate (aka leaf certificate or end-entity certificate). The server certificate is the first one in this file, followed by any intermediates.
privkey.pem Private key for the certificate.


#3
  • cert.pem is the certificate for your domain and, among others, contains your public key;
  • chain.pem contains the intermediate certificate, the certificate from Let’s Encrypt containing the public key which is “coupled” to the private key which signed your certificate (the one above). This intermediate certificate is required for clients to verify your certificate;
  • fullchain.pem is a concatenation of cert.pem and chain.pem in one file. In most servers you’ll specify this file as the certificate, so the entire chain will be send at once. Some clients require you to specify the above two files separate. In that case you won’t need fullchain.pem;
  • privkey.pem is, no shocker here, your private key, linked to the public key which is stored in your certificate.

#4

I think there’s a typo here and you mean "a concatenation of cert.pem and chain.pem"


#5

Yes, of course :wink: The “full” part was probably stuck in my head :stuck_out_tongue:


#6

Thanks to all!
My hoster obscure.


#7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.