What is a Secret Key?

A secret key is a key of a pair of encryption keys used in public-key cryptography that must be kept under the control of the owner. And kept confidential without being given to the other party or publicly disclosed. The other key is made public and used by the other party and is called a ” public key. ”

In the public-key cryptosystem, they use a pair of corresponding cryptographic keys, and a ciphertext encrypt with the help of a public key can decrypt only with a secret key.

In a typical public-key cryptography RSA, the reverse is also possible. And it is also possible to use a secret key to perform encryption (equivalent conversion processing) and to decrypt with a paired public key. Public key cryptography is unusual).

Uses of a Secret Key

The use of a secret key is when creating HMAC when using the host page. If you use Shopify, set your private key in the Shopify admin.

  • The private key is an essential file for encrypted communication. But neither the certificate authority nor the SSL certificate sales site holds the private key. So if you lose or delete it, make the same one again can not.
  • The reason why the file is essential is that the encrypted data cannot be decrypted (restored to the original data) without the private key.

For example, if you lose your private key, the data encrypted on the browser side (site user side) will transfer to the server-side (site operator side) in the same way that if you forget the PIN CODE of the cash card. You will not be able to withdraw money from the ATM.

Importance

  • It cannot use the SSL certificate issued using the private key. Of course, you can reset your password by following the prescribed procedure. Such as a bank PIN or web service password.
  • If you delete or lose your private key, you will need to generate a new CSR. And private key and re-issue the SSL certificate.
  • Keep your private key in a location that minimizes the possibility of leakage as long as the SSL certificate is valid and handle it with care.
  • In particular, if you use the easy installation function of the rental server. You can set the SSL certificate without being aware of the secret key, etc.
  • So even those who do not notice the state that “the private key exists only on the rental server” Many are found.
  • Please note that if you cancel the server to move the rental server in this state. It will erase the secret key at the same time.