Hello,
Since I've never purchased a SSL certificate from CA, I am just curious the procedure...
So here is my understanding...
1. In IIS, under Server Certificates, create certificate request.
2. Enter proper information, and save the request file.
3. The request file(CSR) contains the site information, and public key.(NOT private key)
4. So I send this CSR/file content to a CA for approval...
So here is my question comes up...let's say...the CA approved my request,..then they are supposed to send a signed certificate to me so I can install it on my server for SSL connection right? ..then how are they supposed to create a certificate file without
private key?
I noticed that under my certification manager MMC, I see the request I just created under Certificate Enrollment Requests\Certificates folder.... obviously, since this is my local machine folder, it says "you have a private key that corresponds to this certificate".
The generated CSR doesn't contain the private key..then how the CA are supposed to create a certificate file?..Once they send the signed certificate file based on the CSR information I requested, I guess, I need to import it in my server..but the signed
file doesn't contain the private key, because they never received it, then how does it work?
Is there any sort of action I need to follow up, things like....once I get the signed certificate file from the CA, then somehow I need to merge it with my local certificate file under Certificate Enrollment Requests\Certificates to complete??
Well..hope you know what I am trying to ask....
Just out of curiosity...just would like to understand whole procedure clearly.
Thanks,