Current location - Quotes Website - Personality signature - MAC applies for a self-signed ssl certificate
MAC applies for a self-signed ssl certificate

It is not recommended to apply for a self-signed SSL certificate. The risks of using a self-signed SSL certificate are as follows:

First, it is used by "people with a heart".

In fact, "people with a heart" refers to hackers. Self-signed SSL certificate can be issued by yourself, so others can also issue it. Hackers just take advantage of their random issuance, and can forge an identical self-visa book to install on phishing websites in minutes, so that visitors can't tell the truth from the falsehood.

second, the browser will pop up a warning, which is vulnerable to attack.

As mentioned earlier, the self-signed SSL certificate is not trusted by the browser. Even if the website is installed with a self-signed SSL certificate, the browser will continue to pop up a warning when users visit, which greatly reduces the user experience. Because it is not verified and issued by CA, CA can't identify the signer and won't trust it, so the private key is useless, and the security of the website will be greatly reduced, thus giving attackers an opportunity.

Third, it is easy to install and difficult to revoke.

Self-signed SSL certificate has no accessible revocation list, so it does not have the status for the browser to check the certificate in real time. Once the certificate is lost or stolen and cannot be revoked, it is likely to be used for illegal purposes, thus causing losses to users. At the same time, the browser will also send out "Revocation list is unavailable, do you want to continue?" The warning not only slows down the browsing speed of web pages, but also greatly reduces the trust of visitors to the website.

Fourth, the longer the validity period, the easier it is to be cracked.

The validity period of a self-signed SSL certificate is extremely long, ranging from several years to decades, and it can be issued as many years as you want. SSL certificates issued by trusted CA institutions will not be valid for more than 2 years, because the longer the time, the more likely it is to be cracked by hackers. Therefore, the long validity period is one of its disadvantages.