Does deleting a keystore alias result in the CSR being useless

Question

I've created a new keystore with the keytool command and had given an alias of tomcat. I generated the CSR for sending to the CA to issue a certificate.

In the meantime, we've deleted the alias named tomcat from the keystore.

I fear this makes the certificate received from the CA now useless. As the alias which has been deleted contained the private key and/or associated link to the CSR.

I still have the keystore, and have created a new alias and change alias to the same name as originally used 'tomcat'. But I suspect this is not good, and I will now need to create an entire new keystore to create another CSR to request a new certificate.

Any help please, I do not have much experience with keystores as you can imagine.

Thank you.

score 0 · Answer 1 · answered Aug 19 '20 at 17:32

0

Yes, your key is lost.

The Alias is just a name given to the binary blob which contains all the information. The CSR belongs to this specific private key. You would get back a valid certificate from your CA but this is mostly useless without the private key you already deleted.

Creating another key with the same alias does not help. It is as if you would remove the name sticker from box A and put it on box B.

answered Aug 19 '20 at 17:32

C.B.

21
5

Thanks for the explanation C.B. As I had feared but at least I know now. – alb Aug 20 '20 at 18:30

Does deleting a keystore alias result in the CSR being useless

1 Answers1