Solved

Self-Signed Certificates not trusted

Posted on 2007-11-21
2
1,952 Views
Last Modified: 2008-02-01
Whay are self-signed certificates not trusted??
0
Comment
Question by:wzimmerl
2 Comments
 
LVL 7

Accepted Solution

by:
multithreading earned 25 total points
ID: 20330965
because you usually have no practical way of knowing for sure that they are really from who you think they are from. Anyone can make one, and anyone can replace one that someone else made. By the time it gets to you, you can't be sure it is the original, unless you saw the original person make it, and then they burned a CD on an uncompromised system and handed it to you, and you took it to the other system and installed it.

0
 
LVL 2

Assisted Solution

by:SwassLikeMe
SwassLikeMe earned 25 total points
ID: 20331170
What multithreading says is correct.  I would probably add that the reason it's not trusted is because it doesn't come from an authorized certificate server, such as Verisign, etc.  This is why they charge so much, because not everyone can do it (and for good reason).  There is a solution, however.

If you want to simply have a few clients accessing your one website, for example, you can install the certificate on Windows (or in their browser) to allow them to connect via SSL without being warned about an untrusted SSL certificate.

If you're really savy, you could even set up your own local certificate server to use in your domain, that would allow local computers in the domain to automatically trust the system you are connecting to.  That's a lot of work though, so I don't recommend going that route.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article explains in simple steps how to renew expiring Exchange Server Internal Transport Certificate.
Encryption for Business Encryption (https://en.wikipedia.org/wiki/Encryption) ensures the safety of our data when sending emails. In most cases, to read an encrypted email you must enter a secret key that will enable you to decrypt the email. T…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now