Self Signed Certificate



What is issue with self signed Certificate
The identity of the server cannot be verified. The connection itself may be comprised if someone creates the same self signed certificate details, except the private key, and then execute MITM attack to intercept the traffic between the two end points.
In case Cert is issued by a third party, it is verified by the third party.

What is the purpose of a Certificate
Distribute the public key and verify the identity of the server. The identity of the server verification is important so that one is sure about the correct server they are connecting to. If you trust the third party who verifies the claim of identity of the server then you are sure about the identity of the remote server. In case of self signed cert the remote server is claiming the identity and there are no verifications.

Comments

Popular posts from this blog

VMware fix for Invalid manifest and ova file import failed errors

SOAPUI - import certificate

Session Timeout in Oracle Access Manager