Signature and Exchange key types– what are they and when to use each ( Makecert -sky )?

.net certificate pki
user437291 picture user437291 · Nov 23, 2010 · Viewed 11k times · Source

-sky switch Specifies the subject's key type, which must be signature, exchange, or an integer that represents a provider type. By default, you can pass 1 for an exchange key and 2 for a signature key.

If I understand this correctly, then signature and exchange are two key types? In what situations is each used?

thank you

Answer

StuckOverflow picture StuckOverflow · Nov 29, 2012

That is correct, these are the two type of asymmetric keys (public/private keys). Asymmetric keys are generally used for two purposes, 1)encrypt session keys 2)creating a digital signature

When talking about the key type: Exchange = encrypt session keys Signature = create digital signature

Here is a link that has a good explanation. Asymmetric Keys

Related questions

A certificate chain could not be built to a trusted root authority

During the installation of .NET Framework 4.6.2, I got an error: .NET Framework installation failed: -2146762486. A certificate chain could not be built to a trusted root authority A solution to the above-mentioned error is given at this MSDN Blog link, …

Read More
How can I create a self-signed certificate using C#?

I need to create a self-signed certificate (for local encryption - it's not used to secure communications), using C#. I've seen some implementations that use P/Invoke with Crypt32.dll, but they are complicated and it's hard to update the …

Read More
How can I install a certificate into the local machine store programmatically using c#?

I have a certificate generated via MakeCert. I want to use this certificate for WCF message security using PeerTrust. How can I programmatically install the certificate into the "trusted people" local machine certificate store using c# or .NET? I have …

Read More