Today, I finally wanted to issue my already purchased certificate for my main web page (StartSSL’s certificate has expired). I’ve generated a CSR about a month ago, but I didn’t have the time to complete the validation process, so I just left it how it was.
As I finally got around to validate, I received my new public certificates. But, stop. Where did I put my private key when generating the CSR?
Scrolling through my bash history, horror ensued. I’ve done this in /tmp/. For a non-Linux user, that may not sound dangerous (apart from almost no security there), but /tmp/ is cleared on every reboot.
Thanks to the great NameCheap Support (thanks, Anna!) it could be re-issued by a manual approval process.
Lesson learned hard:
- Take your time for SSL certificates
- Have your domain-E mail ready
- Store everything in a secure AND organized place
- Never store anything but REAL garbage in /tmp/