And if for some reason you wanted to keep the same public key pair, you could do so.

So you go through a process to generate what's called a "key pair."

When you install the system, they generate a public and private key pair.

Using such an algorithm, only one key pair is needed per user.

It's the key of the key pair that you chose to make public.

The safer, better approach is clearly for you to generate that private and public key pair yourself.

So somebody who wants to generate a certificate first creates a public key pair.

This is done, by using one of the public and private key pairs .

That's a one-time process, to create the public and private key pair.

Although different, the two parts of the key pair are mathematically linked.