Hiding private key of CA?

Question

Hiding private key of CA?

Closed this issue 5 years ago · 1 comments

Signing something needs the private key of the CA and passphrase.
However, since source code should be opened, how can we use the secret key of CA in secret?
Is there something I misunderstood?

Answer 1 · 2019-03-30T22:17:50.000Z

This is not a CTF. Other teams will audit your code and try to find backdoors, and that's it. Therefore, even if you make your key public, it doesn't matter.