VPN with client certificate via managed PKI - where did private key come from?
I am taking a slight guess, however, I suspect that in browser is using generateCRMFRequest and importUserCertificate in combination. An overview of the process is given by the deprecated Javascript_crypto documentation for Firefox.
Similar things can be achieved with Internet Explorer. I haven't looked but I imagine Safari has some level of support too.
These are entirely non-standard extensions, and according to this post on the CA/Browser forum, not the future.
The key is generated locally, however, it is hard to tell whether or not the key is also sent to the CA for "archival" as in generateCRMFRequest. Since the javascript has access to the generated key, it could conceivably send it over the internet.
Final bit of info, is there a generic tool to do this in Linux? Not to my knowledge. You can certainly go through the process of:
openssl genrsa ... -out private.key
openssl req -new ... -inkey private.key -out certplease.csr
sending certplease.csr to the CA. From them you would get back a PKCS#7 certificate signed by them (and possibly other certificates in the chain, in case they are needed).
However, I don't believe there is a standard user-based private key store in Linux - rather, each desktop environment has a slightly different one.
This is a fascinating question.
First, some thoughts about the .cer file you get:
Check out the list of PKCS standards; PKCS#7 is just a container for transporting signed / encrypted data, that doesn't tell us anything about what that data might be. If the data inside was in PKCS#12 format then it's entirely possible that the private key was bundled with it. I guess the important question there is: did you have to enter a password as part of importing the .cer?
Symantec Managed PKI
There are some hints (but no answers) in the Symantec™ Managed PKI Service Deployment Options guide.
You are clearly describing
2.1.1 Native browser enrollment
The native browser enrollment requires no software to be installed on the end user’s computer, and works in both cloud and hybrid scenarios.
Although it's rather lacking in details about where the key is generated.
Having the server generate a private key for you and bundle it into the .cer file would be consistent with sentences like this:
... This option is important in terms of ensuring that high security certificates, such as a smart card or USB token, end up in the appropriate store.
Since certificates are, by definition, public, the only way the phrase "high security certificates" makes any sense is if there's a private key bundled with it.
They also make a lot of references to Microsoft Active Directory enrolment / key management services. But that doesn't explain your Linux case.
Edit: Duh. Something else that's possible is that the browser has access to the OS's crypto functionality (for example Microsoft CAPI) and the javascript on the enrolment page gets the OS to create a private key, and generate a certificate request including a proof-of-possession of that key.