1

We have a Cisco 3000 VPN concentrator and use the Cisco VPN client to generate certificate requests, which we then create/authenticate on our certificate server.

When the help desk generates the request, they sometimes email that to me, then I generate the certificate on the server. Does the request need to be encrypted? Until the certificate gets generated is there something in the request itself that would need to remain secret?

Thank you.

Zoredache
  • 130,897
  • 41
  • 276
  • 420
Kernel Panic
  • 291
  • 2
  • 8
  • 19

1 Answers1

5

No, the certificate signing request does not need to be encrypted, the certificate itself doesn't need to be encrypted. Only the private key associated with the CSR/CERT needs to be protected, and that should never be transmitted to another host.

Zoredache
  • 130,897
  • 41
  • 276
  • 420