On Wednesday 16 Apr 2014 18:56:57 Tanstaafl wrote: > On 4/16/2014 7:14 AM, Matti Nykyri <[email protected]> wrote: > > On Apr 16, 2014, at 13:52, Tanstaafl <[email protected]> wrote: > >> Or will simply replacing my self-signed certs with the new real ones be > >> good enough? > > > > No it will not. Keys are te ones that have been compromised. You need > > to create new keys. With those keys you need to create certificate > > request. Then you send that request to certificate authority for > > signing and publishing in their crl. When you receive the signed > > certificate you can start using it with your key. Never send your key > > to CA or expect to get a key from them. > > Ok, thanks... > > But... if I do this (create a new key-pair and CR), will this > immediately invalidate my old ones (ie, will my current production > server stop working until I get the new certs installed)?
You have not explained your PKI set up. Creating a new private key and CSR is just another private key and CSR. If you replace either the private CA key on the server, or any of its certificates chain, but leave the path in your vhosts pointing to the old key/certificate that no longer exist you will of course break the server. Apache will refuse to restart and warn you about borked paths. > I'm guessing not (or else there would be a lot of downtime for lots of > sites involved) - but I've only ever done this once (created the > key-pair, CR and self-signed keys) a long time ago, so want to make sure > I don't shoot myself in the foot... Yes, better be safe with production machines. However, don't take too long because your private key(s) are potentially already compromised. > I have created new self-=signed certs a couple of times since creating > the original key-pair+CR, but never created a new key-pair/CR... > > > There are also other algorithms the RSA. And also if you wan't to get > > PFS you will need to consider your setup, certificate and security > > model. > > What is PFS? http://en.wikipedia.org/wiki/Forward_secrecy I'm no mathematical genius to understand cryptography at anything more than a superficial level, but I thought that ECDS, that PFS for TLS depends on, was compromised from inception by the NSA? Perhaps only some ECDS were, I am not really sure. I remember reading somewhere (was it Schneier?) that RSA is probably a better bet these days. I'd also appreciate some views from the better informed members of the list because there's a lot of FUD and tin hats flying around in the post Snowden era. -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.
