I have noticed that a number of different web and mail server software allow or require you to provide the TLS certificate (including server certificate, CA intermediate certificate, and CA root certificate) and private key in a single .pem file.
So, the server sends the certificate(s) to every client attempting to connect, but, of course, you want to keep your private key secure and secret. So, how does this work when they are all in the same file? Does the software know to only send the certificate parts and never send the private key, even though they are in the same file?
Thank you.
Yes.