The private key
is the most important part of a digital certificate. By definition, this key is
not to be shared with anyone and should be kept securely on the
NetScaler appliance. Any data encrypted with
the public key can be decrypted only by using the private key.
supports two encryption algorithms, RSA and DSA, for creating private keys. You
can submit either type of private key to the CA. The certificate that you
receive from the CA is valid only with the private key that was used to create
the CSR, and the key is required for adding the certificate to the NetScaler.
Caution: Be sure to limit access to your private key. Anyone who has
access to your private key can decrypt your SSL data.
certificates and keys are stored in the /nsconfig/ssl folder on the appliance.
For added security, you can use the Data Encryption Standard (DES) or triple
DES (3DES) algorithm to encrypt the private key stored on the appliance.
length of the SSL key name allowed includes the length of the absolute path
name if the path is included in the key name.