If I generate two SSL certificates using the same key, am I diluting the strength of the certificates? (does it open the door for cryptanalysis or a possibility of compromising data across that channel)?
Thanks
Re-using the same private key to generate a new certificate request technically doesn't increase your risk exposure. Essentially the same public key is being used, but the x509 headers are changed with the updated site name, dates, or whatever other changes there are between the two certificates.
Stepping back, you should analyze the reason for not regenerating the private key when renewing a certificate/requesting a new certificate. Although current encryption algorithms cannot be broken, the longer you use the same private key, the more information is encrypted with that key, and the larger the pool of data will be for any future cryptanalysis. (Although in reality a session key encrypts the majority of the data sent between clients, there are still technically more sessions being secured with the same public/private keypair, so the same principle applies.)
As a general practice, it is best to generate a new private key when certificates are up for renewal.
Short answer is no.
The only case visible to me: if somebody can steal the private part of one cert or factorize it, he will be able to decipher both sites.
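Both answers come down to one observation: the two certificates carry the same SubjectPublicKeyInfo (SPKI), so whatever happens to that one private key affects every certificate issued on it. The practical check a defender wants is an inventory of certificates grouped by SPKI hash, which is what the following added example does. It is not code from either answer; it uses only the Python standard library: a minimal DER walker pulls the SPKI out of any DER certificate, and a tiny DER encoder constructs three unsigned, certificate-shaped sample blobs (made-up moduli, placeholder signature) so it runs offline. The function names, the `example.com` hostnames and the modulus values are assumptions; `pem_to_der` is there so the same grouping can be run over real PEM files.

```python
"""Group certificates by the public key they carry (SPKI fingerprint).

Added example, not code from the original answers. Standard library only:
a minimal DER walker extracts SubjectPublicKeyInfo from a DER certificate,
and a tiny DER encoder builds constructed, unsigned sample certificates so
the script runs offline. The sample moduli are made-up integers, not RSA keys.
"""
import base64
import hashlib
import re

# --- minimal DER reading -----------------------------------------------------

def _read_tlv(buf, pos):
    """Return (tag, value_start, value_end) for the DER element starting at pos."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, pos, pos + length

def _children(buf, start, end):
    """Yield (tag, element_start, value_start, value_end) for each child element."""
    pos = start
    while pos < end:
        tag, vs, ve = _read_tlv(buf, pos)
        yield tag, pos, vs, ve
        pos = ve

def extract_spki(cert_der):
    """Return the DER-encoded SubjectPublicKeyInfo element of a certificate."""
    tag, cs, ce = _read_tlv(cert_der, 0)
    if tag != 0x30:
        raise ValueError("certificate is not a DER SEQUENCE")
    tbs_tag, _, ts, te = next(_children(cert_der, cs, ce))   # tbsCertificate
    if tbs_tag != 0x30:
        raise ValueError("tbsCertificate is not a SEQUENCE")
    fields = list(_children(cert_der, ts, te))
    if fields and fields[0][0] == 0xA0:    # optional [0] EXPLICIT version
        fields = fields[1:]
    # serialNumber, signature, issuer, validity, subject, subjectPublicKeyInfo
    if len(fields) < 6 or fields[5][0] != 0x30:
        raise ValueError("subjectPublicKeyInfo not found")
    _, es, _, ve = fields[5]
    return cert_der[es:ve]

def spki_fingerprint(cert_der):
    """SHA-256 of the SPKI, base64 (the form used by HPKP pins and CT tooling)."""
    return base64.b64encode(hashlib.sha256(extract_spki(cert_der)).digest()).decode()

def pem_to_der(pem_text):
    """Decode the first CERTIFICATE block of a PEM file to DER bytes."""
    m = re.search(r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", pem_text, re.S)
    if not m:
        raise ValueError("no CERTIFICATE block")
    return base64.b64decode("".join(m.group(1).split()))

def shared_keys(certs):
    """Map SPKI fingerprint -> labels of certificates that share that key (>1 only)."""
    groups = {}
    for label, der in certs.items():
        groups.setdefault(spki_fingerprint(der), []).append(label)
    return {fp: labels for fp, labels in groups.items() if len(labels) > 1}

# --- minimal DER writing, used only to construct offline samples ------------

def _der(tag, content):
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + content

def _seq(*items):
    return _der(0x30, b"".join(items))

def _int(v):
    return _der(0x02, v.to_bytes((v.bit_length() + 8) // 8, "big"))

RSA_OID = bytes.fromhex("06092a864886f70d010101")         # rsaEncryption
SHA256_RSA_OID = bytes.fromhex("06092a864886f70d01010b")  # sha256WithRSAEncryption
CN_OID = bytes.fromhex("0603550403")                      # commonName

def build_sample_cert(serial, cn, modulus, exponent=65537):
    """Constructed, unsigned certificate-shaped DER with a placeholder signature."""
    alg = _seq(RSA_OID, b"\x05\x00")
    spki = _seq(alg, _der(0x03, b"\x00" + _seq(_int(modulus), _int(exponent))))
    name = _seq(_der(0x31, _seq(CN_OID, _der(0x0C, cn.encode()))))
    validity = _seq(_der(0x17, b"240101000000Z"), _der(0x17, b"250101000000Z"))
    sig_alg = _seq(SHA256_RSA_OID, b"\x05\x00")
    tbs = _seq(_der(0xA0, _int(2)), _int(serial), sig_alg, name, validity, name, spki)
    return _seq(tbs, sig_alg, _der(0x03, b"\x00" * 9))

# Constructed sample inventory: two certs on one key, one on a different key.
MODULUS_A = 0xC0FFEE1234567890ABCDEF   # made-up, not a real RSA modulus
MODULUS_B = 0xDEADBEEF0987654321FEDC
SAMPLE_CERTS = {
    "www.example.com":  build_sample_cert(1, "www.example.com", MODULUS_A),
    "mail.example.com": build_sample_cert(2, "mail.example.com", MODULUS_A),
    "api.example.com":  build_sample_cert(3, "api.example.com", MODULUS_B),
}

if __name__ == "__main__":
    for fp, labels in shared_keys(SAMPLE_CERTS).items():
        print(f"shared key {fp}: {', '.join(labels)}")
```

Run against a real inventory by replacing `SAMPLE_CERTS` with `{path: pem_to_der(open(path).read()) for path in files}`; any fingerprint that maps to more than one label is a key that is shared across certificates, which is exactly the case the second answer describes, where loss of one private key exposes every site on the list.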