-1

We have a https ssl cert on our IIS server.

  1. Is there any difference between certificates that one exports (without private key) from certmgr vs the cert that one sees in the browser address bar? I see "Algorithm Parameters" field different when I do certdump.

  2. Does giving the exported cert to some third party devs compromise security of my server?

  3. Does this export public key?

tvr
  • 99

1 Answers1

1

  1. No, there is no difference in certificates when you export and view the same certificate.

  2. No, there are no security risks by exposing public part of the certificate. Unless there is sensitive information in the certificate subject.

  3. Yes, public key is always exported with certificate.

Crypt32
  • 6,639
  • 1
  • 15
  • 33