Hi,
I was wondering if someone could explain a certain aspect of SSL certificates to me. I understand the technical principles of a private/public key pair for encrypting a connection using SSL; what I'm less clear on is the bewildering array of different types of certificates available and why the big names like Thawte are so dominant. I appreciate that if you visit a new site then seeing the Thawte name is a reassurance, but are there any non-commercial certificate generation sites or even standalone software tools? In my case I'm looking to protect our Exchange server for a small handful of mobile users. Why should I therefore worry about the trust issue? Can't I just make my own certificate pair and use that? Wouldn't the end result in terms of encryption be the same?
And a final query - when certificates 'expire', am I right in thinking that they can still be used to encrypt data? Is the 'expiry' date a feature added purely to create more revenue? I appreciate that end users on a public website would be put off by the certificate expiry warning they'll get, but for use solely for staff, need I really worry if one of our certificates expires?