Digital Marketing and Web Design Agency WebCoreLab

Digital Marketing and Web Design Agency WebCoreLabDigital Marketing and Web Design Agency WebCoreLab

  • Terms
  • Privacy
  • SUPPORT
  • ABOUT US
  • CONTACTS

Digital Marketing and Web Design Agency WebCoreLabDigital Marketing and Web Design Agency WebCoreLab

  • WEBSITE DEVELOPMENT
    • CATALOG
    • DIGITAL COMPLEX
    • LANDING PAGE
    • CUSTOM WEBSITE
    • ONLINE SHOP
    • PROMO SITE
  • DIGITAL MARKETING
    • CONTEXT ADVERTISING
    • SMM
      • Facebook
      • Instagram
      • Youtube
      • LinkedIn
      • Pinterest
      • Google+
      • Twitter
  • LOCAL MARKETING
    • CREATION AND OPTIMIZATION
    • WORKING WITH BUSINESS LISTINGS
    • DAILY SUPPORT
  • SEMANTIC CORE
    • Audit of the Semantic Core
  • ORGANIC SEO
    • Development of the semantic core
    • Analysis of the reference mass
    • Site Audit
    • Usability Audit
    • SEO optimization of the site at the development stage
    • Site output from the FILTERS OF GOOGLE
  • DEVELOPMENT
    • Custom CRM for Enterprise Company
    • DEVELOPMENT OF MOBILE APPLICATIONS
      • Android Apps Development
      • iOS apps Developing
  • UX DESIGN
  • WEB-DESIGN
    • Online Store Design
    • Individual Site Design
    • Corporate Site Design
    • Landing Page Design
    • Adaptive Design
    • Website redesign
CONTACT
  • Home
  • News
  • News
  • What is a self-signed SSL certificate and what are its disadvantages?

What is a self-signed SSL certificate and what are its disadvantages?

Wednesday, 24 April 2019 / Published in News

What is a self-signed SSL certificate and what are its disadvantages?

A self-signed SSL certificate does not provide reliable data protection from the browser to the server. By creating this certificate, you yourself are its witness, in contrast to the versions signed by trusted certificate authorities.

What is a self-signed SSL certificate?

Technically, such a certificate does not differ from the version signed by a trusted authority. The difference is in the signature certifying the certificate.

Self-signed versions are more often used for testing sites and applications. They are also created for small sites that do not make sense to attack from the side. Resources with high attendance, as well as collecting personal data of visitors, should be identified exclusively by trusted certificates.

You can create as many self-signed versions as you like. When loading pages of sites with such certificates, visitors will always see a message with similar content:

Such a warning scares people away. Most refuse to go to such a site, resulting in a drop in its attendance.

The conclusion here is one: to attract visitors, you must use trusted certificates signed by well-known centers. Their root certificates are available in every browser, which notifies the user about the reliability of data encryption.

What are self-signed SSL certificates?

They are created manually using special programs or libraries. For example, for Windows, you can use the OpenSSL cryptographic repository or PowerShell console. These tools generate SSL certificates, create public and private keys.

Creating a self-signed SSL certificate through OpenSSL involves using the following commands:

  • out /home/devuser/cert/cert.crt – location of certificate location;
  • newkey rsa: 2048 – automatic key creation if you don’t have one;
  • req-x509 – request to generate a self-signed certificate;
  • keyout /home/devuser/cert/mykey.key – request for key generation.

Then after entering the password, you need to describe the data on your server. To skip a specific parameter, leave the dot “.” At the end of the command line:

You can note in your browser that the generated certificate is secure. Then your device will not pop up a message about an unprotected connection. All other users will still receive such a message.

To create a self-signed SSL certificate in Windows using PowerShell, enter the following command in it:


New-SelfSignedCertificate -DnsName localhost -CertStoreLocation cert:\LocalMachine\My


This is the request to generate a self-signed certificate. Once created, you can move it to the trusted certificates folder on your computer. After that, the browser will stop issuing a notification about the lack of data encryption.

This is the self-signed SSL certificate on the Nginx server:

Where cert.crt is the public key, and cert.key is the secret key. The self-signed certificate on the Apache server looks like this:

Site.ru is the domain of the resource for which you are generating a certificate.

Advantages and disadvantages of self-signed SSL certificates

Pros of self-signed versions

  1. The ability to generate an infinite number of certificates.
  2. No signature fee.
  3. Speed ​of creation No need to wait for a response from a certification authority.

Disadvantages of self-signed certificates

  1. The risk of losing user data.
  2. Permanent warning about an unknown publisher.
  3. No guarantees that the data from the site will not fall into third hands.
  4. Lack of trust from people, because the site does not have a signature center sign icon.
  5. The appearance of errors in the design and display of the certificate, if it was created incorrectly.

Trusted centers issue different forms of certificates that differ in cost. The simplest means domain name authentication.

More expensive is issued after a full check of the data provided by the company. To the extent that they can check the contacts and documentation of the applicant.

After successful identification, the corresponding green icon with the center logo appears on the site. This factor greatly affects the trust of visitors to the site.

Conclusion

The similarity between a self-signed certificate and a trusted certificate ends in their technical part. A self-signed certificate creates encryption of data transmitted from the browser to the server.

However, this information is at risk of being seized by third parties and cannot be withdrawn. In addition, the site identified by a self-signed SSL certificate will always pop up a dangerous connection notification. This factor affects its attendance.

It is better to use self-written certificates on small sites, in tested applications or internal resources of small companies, where all employees know about unsafe connections. Commercial resources with high attendance should be identified exclusively by trusted certification authorities.

Share this:

  • Twitter
  • Facebook

Like this:

Like Loading...
  • Tweet
Tagged under: SEO, site security, technical seo

What you can read next

How to get the most out of your CRM systems
How to get the most out of your CRM systems
How to optimize JavaScript code to speed up site loading
4 major web design mistakes small businesses make
4 major web design mistakes small businesses make

Leave a Reply Cancel reply

Recent Comments

    Recent Posts

    • THE MAIN ERRORS OF WEBSITE DESIGN

          Website design is more than just ...
    • 10 SIGNS OF AN OUTDATED SITE: HOW TO CHECK AND PREVENT.

      The site is the face of the organization, so it...
    • Main Reasons Why Fresh Content is Important for Your SEO and Web

        What are different reasons it is signifi...
    • How the ranking in google search works in 2020 – all secrets

      How Google Ranks Sites: Algorithms and the Sear...
    • Eight non-obvious things in SEO, that will increase the visibility of the site

      Hello everyone, watching the work on website pr...

    webcorelab

    120 Eglinton East, Suite 500
    Toronto ON M4P1E2
    Toll free Canada: +16475465599
    Secondary phone Canada: +18888931842 for US
    +380891205858 for UA & RU
    Email: info@webcorelab.com

    • WEBSITE DEVELOPMENT
      • CATALOG
      • DIGITAL COMPLEX
      • LANDING PAGE
      • CUSTOM WEBSITE
      • ONLINE SHOP
      • PROMO SITE
    • DIGITAL MARKETING
      • CONTEXT ADVERTISING
      • SMM
        • Facebook
        • Instagram
        • Youtube
        • LinkedIn
        • Pinterest
        • Google+
        • Twitter
    • LOCAL MARKETING
      • CREATION AND OPTIMIZATION
      • WORKING WITH BUSINESS LISTINGS
      • DAILY SUPPORT
    • SEMANTIC CORE
      • Audit of the Semantic Core
    • ORGANIC SEO
      • Development of the semantic core
      • Analysis of the reference mass
      • Site Audit
      • Usability Audit
      • SEO optimization of the site at the development stage
      • Site output from the FILTERS OF GOOGLE
    • DEVELOPMENT
      • Custom CRM for Enterprise Company
      • DEVELOPMENT OF MOBILE APPLICATIONS
        • Android Apps Development
        • iOS apps Developing
    • UX DESIGN
    • WEB-DESIGN
      • Online Store Design
      • Individual Site Design
      • Corporate Site Design
      • Landing Page Design
      • Adaptive Design
      • Website redesign
    TOP
     

    Loading Comments...
     

      %d bloggers like this: