Why is SSLCertificateKeyFile needed for Apache?

security apache pki
Tower picture Tower · Jan 27, 2011 · Viewed 39.5k times · Source

What's the technical reason that SSLCertificateKeyFile is needed (the private key)? Where is that used and for what?

Answer

Shadowman picture Shadowman · Feb 3, 2011

The SSL certificate file contains the X.509 certificate (which, in turn, contains a public key used for encryption). The SSL Certificate Key File contains the private key corresponding to the public key in the certificate. In order for the webserver to encrypt and decrypt traffic, it must have both the public key (certificate) and corresponding private key. Apache, unlike a lot of other server products, stores the key and certificate in separate files. Java-based products, for example, typically use Java KeyStore files, which are an encrypted database containing both the certificate and private key.

Related questions

PHP $_SERVER['HTTP_HOST'] vs. $_SERVER['SERVER_NAME'], am I understanding the man pages correctly?

I did a lot of searching and also read the PHP $_SERVER docs. Do I have this right regarding which to use for my PHP scripts for simple link definitions used throughout my site? $_SERVER['SERVER_NAME'] is based on …

Read More
Is there a way to force apache to return 404 instead of 403?

Is there a way how I can configure the Apache web server to return a 404 (not found) error code instead of 403 (forbidden) for some specific directories which I want to disallow to be accessed? I found some solutions suggesting the …

Read More
Spring security vs Apache Shiro

What I have researched so far most people are saying Apache Shiro is easy to use and easy to integrate with CAS (for SSO etc). Just to ask if anyone has experience using both of them and which one to …

Read More