What are private and public keys?


After picking up and breaking my head to install ssl scripts in Apache, some questions popped up in my head about some nomenclatures that were appearing according to the searches I was doing to get help on the internet.

What most caught my attention was when I tried to configure the pointing of the keys in the Apache2 configuration file, where I would have to point to two files, which are public-key and private-key > public key and private key ).

I wanted to understand:

  • What do each of these two types of keys mean?

  • Why are they used in SSL certificates?

  • They follow some pattern (since I always see those keys with code similar to a base64)?

  • What are the standard file extensions to identify each of them?

asked by anonymous 03.11.2016 / 20:43

2 answers


As you have already done the short and thick answer, I will do the long.

To understand the terms 'public key' and 'private key' you need to know a bit about encryption algorithms.

Introduction to Encryption

Encryption algorithms aim to ensure that a sender changes a message with a recipient without intermediaries getting it.

On the Internet, they are responsible for preventing strangers from reading your precious personal data. After all, you do not want people sneaking your email or worse, your credit card number!

There are two main ways to do this.

Symmetric algorithms use a single key, known in advance by both the sender and the recipient. The workflow is simple: the sender encrypts the message using the key and sends encrypted content over the internet. The receiver then receives the message and decrypts it using the same key.

As you may have noticed, this kind of algorithm has a problem: both sides of the conversation need to know what the key is to decrypt the message! How to send secure messages to unknown recipients? Simple.

Asymmetric algorithms work not with one but two keys:

  • A public key , available to everyone, is used to encrypt the message. This key can not decrypt .
  • A private key , known ONLY by the recipient, has the power to decrypt messages.

Asymmetric algorithms work (almost) as mailboxes: Any sender can put (encrypt) a message in his box, but only you, the recipient, can read.

Regarding the topic of the question


What do each of these two types of keys mean?

I hope the above explanation has answered.


Why are they used in SSL certificates

Certificates are a form of asymmetric algorithm. When you want to send something important to a site, you first encrypt your data using the site's public certificate. This ensures that only the owner of the site can read your information.


Does a private key have any relation (a dependency relation, for example) with the public key?

Well, to encrypt something you need the public and to decrypt the private. It does not make much sense to have one without the other.


They follow some pattern (since I always see these keys with code similar to a base64)?

There are several certificate standards. A very common example is X509 . All the standards I know for certificates are binary, for performance.


What are the standard file extensions to identify each of them?

There are several different extensions for certificates. If you understand English I suggest you take a look at this . > blog.

Other Questions


Are both the private key and the public key encoded in X509?


03.11.2016 / 23:08

Public and private keys are related to their functionality, where and when you need to send data, consider whether the client server scenario.

Example sending a form (client), get my public key code the data and send me your form. Server, form getting to me, then I get my key that only I know and use to open the information I received from the form.

This is the simplified form of the process, they have a total dependency relation because if you pick up any other key, with my private key the server will not be able to open.

The keys are base 64Bits, usually can not know that it is public and private except for the extension itself. because they look just the same as making it difficult to decrypt the keys with some key breaking policies.

That's what I can contribute to the issue, there are more in-depth details, books, colleges and many theories to the subject.

03.11.2016 / 21:07