Private Key vs Public Key vs Certificate
- public key is
- included in the generated private key.
- included in the certificate signing request and the certificate.
- private key is NOT in csr or cert
- csr and cert only need public key, private key should NOT be included.
Generate the private/public key at the device, and generate a certificate signing request (CSR) for that keypair. The CSR should be used to create a CertificateRequest resource which cert-manager will consume and create a certificate.
No private key material shall be sent over the network.
Certificate vs Key
A certificate contains a public key, plus additional information such as issuer, what the certificate is supposed to be used for, etc.
Why certificates: bind a public key to an individual subject.