4

I accidentally replaced the entire contents of my /etc/ssl folder, which had three things:

  1. certs folder with all CA-Certificates
  2. openssl config file
  3. private folder

I restored the certs folder by following this: Problem with certificates

I am assuming that openssl.cnf file is also default, so i can get that as well.

But, the private folder is still missing(and i understand that i cant get it back). My fear is:

  1. Is that the private key of my machine?
  2. What should be the consequences of not having the private folder?
  3. Can that be regenerated?
Community
  • 1
Anshuman Chatterjee
  • 143
  • 1
  • 4
  • Do you remember having anything in that `private` folder? – Anwar Sep 12 '16 at 10:42
  • I never checked. But that folder is there in all my ubuntu systems, and is protected. So it seems to be important to me – Anshuman Chatterjee Sep 12 '16 at 10:48
  • 1
    The folder is empty in my system. It seems it will be empty unless you put certs in it. but I'm still searching on it – Anwar Sep 12 '16 at 10:56
  • I have one file called `ssl-cert-snakeoil.key` in that folder, that I don't remember putting there. Its creation date is close to the release date of 15.04. See [here](http://askubuntu.com/questions/396120/what-is-the-purpose-of-the-ssl-cert-snakeoil-key). – Jos Sep 12 '16 at 11:14
  • "Can that be regenerated?" yes. – Rinzwind Sep 12 '16 at 11:59

1 Answers1

2

/etc/ssl/private is one place meant to store your private keys. It is generally empty unless you put something into it. As you dont remember putting anything into it, you are probably fine.

PHP/Apache does NOT use this location for it ssl private keys. It uses /etc/apache2/ssl/private. SSH keys are stored in /etc/ssh/.

Overall it looks you can get away with this one :D

inquisitive
  • 136
  • 1
  • 3
  • "(and i understand that i cant get it back)" you missed this in the question. Please add in an instruction for recreating it and he is good to go. – Rinzwind Sep 12 '16 at 11:59
  • op is champ, he himself restored using http://askubuntu.com/a/428152/593718. apparently he is just preparing for the fallout :D – inquisitive Sep 12 '16 at 13:21