How to find HTTPS key location

[Kewda Sho]

Hi! I want to find from where HTTPs get its key for transfer and receive the data? I have to computerize some of the stuff at my working place by using a java script. I can do this with the help of packet sniffer but the website I am going to visit is horrible for the job of data entry, it is very weakly designed from the view of users so it is bad idea to do communications using packet sniffer. I am a rightful user with a username and password. So the thing I want to know is where does the Secure Socket Layer/Transport Layer security key get preserved exactly on the client side? Please get the location it will find me ease while working in office. I am Thankful to you in advance.

[Lemog]

Hello! At the time of installation procedure, PaperCut NG produces a self-signed key or certificate that is issued for the host's computer name. These are the key that are used by default at the time when the system is accessed with the help of HTTPS on port no 9192. The default Secure Socket Layer certificate gives better safety, however there are two ways to using a self-signed certificate that are as follows:

• At the time of the use of HTTPS site using a completely-standardized domain name, the browser will give you a "Domain mismatch warning". In order to evade this warning, you have to reconstruct the self-signed certificate with the system completely qualified domain name.
• The browser will furthermore advise the user that the certificate you are using is not signed by authorized authority. In order to shot this trouble you have to get a certificate signed by a authorized authority.

[Candace]

In order to be acceptable to a web-server a 'https://' requests, a private/public key-pair (Apache2 w/ mod_ssl) desires to be created and also it should be stored in the proper place(s). You should keep in mind before going to the place for executable 'openssl.exe' has to be in the path of that location. And you should also take care that 'openssl.exe' should be able to find its configuration file 'openssl.cnf'. For the generation of a self-signed private or public 1024 bit key-pair which will be valid for 365 days.

Start the command prompt (cmd), after that go to the directory that include 'openssl.exe'...
cd /d C:\www\openssl\bin
Generate the certificate signing request that is server.csr and also private key which is privkey.pem.
> openssl req -new -out server.csr
Now delete the pass-phrase from privkey.pem which is private key, for creating a server.key.
> openssl rsa -in privkey.pem -out server.key
Design a self-signed certificate with the name server.crt which is public key.
> openssl x509 -in server.csr -out server.crt -req -signkey server.key -days 365
After both the creation, create the default storage place public key file server.crt, specified within ssl.conf.
> mkdir C:\www\Apache2\conf\ssl.crt
After the creation of default location for public does the same for private key it should also specified within ssl.conf.
> mkdir C:\www\Apache2\conf\ssl.key
Then relocate this both public and private key to the proper location.
> move server.crt C:\www\Apache2\conf\ssl.crt > move server.key C:\www\Apache2\conf\ssl.key
Erase file '.rnd' which includes vital information and could be used to reconstruct the keys.
> del .rnd
And preserve server.csr if you map on self-signing more keys and you want the power to match up accurately, or else, remove it and the old public key with the passphrase certification.
> del privkey.pem > del server.csr

[Amie]

Public key confirmation is a means of identify yourself to a login server that you are accessible or not, instead of entering a password. It is most secure and elastic, but not easy set up. In usual word with password verification proves you that you are authorized to see that particular information. It is only one method to show you know the password is to inform the server what is the password. And if the server has been tracked, or spoofed, by an attacker he/she is accessible to you secret information. In order to, overcome this difficulty of public key. You need to generate a pair of key called public key and private key. The private key is able to produce signatures. A signature has been produced using your private key cannot be copied by anyone who does not have that key. And for safety purpose private key is that key which is stored on the server side and the second key that is private key is stored on the client side.