Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

Display Private Key Option when Generating a CSR

This article relates to LoadMaster firmware version 7.2.52.

In LoadMaster firmware version 7.2.52 (and LTS firmware version a new check box was added to the Generate CSR screen (in Certificates & Security) when the Self-Signed Certificate Handling option is set to EC certs with an EC signature in Certificates & Security > Remote Access.

Select this check box to also display the private key of the request after clicking Create CSR.

If Display Private Key is enabled, or if Self-Signed Certificate Handling is set to another value, the private key is displayed.

If Display Private Key is disabled, the private key is stored locally (and it is not displayed). There is only one private key per machine and it is not shared between High Availability (HA) pairs. This means the newly-generated certificate must be installed on the machine that the CSR was generated on. When importing the generated certificate, the private key must not be specified. If the saved private key matches the new certificate, the certificate gets imported and the saved private key is deleted. The stored private key is not encrypted but there is no access to it from the outside and it cannot be seen or displayed.