logo

Private Key vs Public Key vs Certificate

  • public key is
    • included in the generated private key.
    • included in the certificate signing request and the certificate.
  • private key is NOT in csr or cert
  • csr and cert only need public key, private key should NOT be included.

Generate the private/public key at the device, and generate a certificate signing request (CSR) for that keypair. The CSR should be used to create a CertificateRequest resource which cert-manager will consume and create a certificate.

No private key material shall be sent over the network.

Certificate vs Key

A certificate contains a public key, plus additional information such as issuer, what the certificate is supposed to be used for, etc.

Why certificates: bind a public key to an individual subject.