Current location - Quotes Website - Personality signature - Why can't enterprises use self-signed SSL certificates?
Why can't enterprises use self-signed SSL certificates?

the SSL certificate generated by yourself is not an SSL certificate issued by a CA organization, so it is called a self-signed certificate.

explanation:

trusted SSL certificate: it will be trusted and recognized by the browser, and the security encryption service is related to the security scanning CA supporting service.

self-signed SSL certificate: it will not be trusted by the browser, and the security risk of data hijacking is high.

main risks of self-signing:

the address bar of the browser will prompt the unsafe websites.

applets or apps cannot be applied and supported.

credit and interface transaction behavior cannot be realized.

web pages will be hijacked, forced to insert advertisements or jump to other web pages.

user data is transmitted in plain text, and private information is hijacked in the middle.

extremely vulnerable to hijacking and phishing attacks.

security risks of self-signature:

self-signed documents are most vulnerable to SSL middleman attacks

self-signed documents support insecure SSL communication renegotiation mechanism

self-signed documents support very insecure SSL V2. protocol

self-signed documents have no accessible revocation list

self-signed documents use insecure 124-bit asymmetric key pairs

the validity period of self-signed documents is too Gworg