An SSL certificate uses public key encryption and symmetric key encryption to encrypt data transmission between the client and server, so as to ensure data confidentiality and integrity as well as identity authenticity of the communicating parties. Private key disclosure for an SSL certificate will result in disclosed keys of encrypted sessions, posing the risk of website data leakage. A private key password for the SSL certificate provides an additional layer of security to the private key.
When you apply for a Tencent Cloud SSL certificate, a private key password option will be available. If you specify a private key password, the private key file in the issued SSL certificate will be protected with this password. If you do not specify a private key password, a private key password will be automatically generated, and the private key password file (e.g.,
keystorePass.txt) will be contained in the package.
Generally, you need to use a private key password when installing an SSL certificate to a web service. For example, when you install an SSL certificate on a Tomcat server, the field
keystorePass= represents the private key password.