Current location - Quotes Website - Personality signature - Self-signed certificate HTTPS
Self-signed certificate HTTPS
Self-signed certificate HTTPS is a certificate created by openssl and other tools, also known as self-signed ssl certificate, which is not issued by a trusted CA authority. This certificate can be issued at will, unconstrained and unsupervised, so it is not trusted by any browser or operating system. The disadvantages of self-signed SSL certificates are as follows:

First, it is used by "people with a will".

In fact, "a willing mind" refers to a hacker. Self-signed SSL certificates can be issued by themselves, so others can also issue them. Hackers take advantage of their random distribution, and they can forge an identical self-service visa book and install it on phishing websites in minutes, so that visitors can't tell the difference between true and false.

Second, the browser will pop up a warning and be vulnerable to attacks.

As mentioned earlier, browsers do not trust self-signed SSL certificates. Even if the self-signed SSL certificate is installed on the website, the browser will pop up warnings when users visit, which greatly reduces the user experience. Because it is not verified and issued by CA, CA can't identify the signer and won't trust it, so the private key is useless, and the security of the website will be greatly reduced, thus giving attackers an opportunity.

Third, it is easier to install than to undo.

The self-signed SSL certificate has no accessible revocation list, so it does not have the status that the browser can check the certificate in real time. Once the certificate is lost or stolen and cannot be revoked, it is likely to be used for illegal purposes, causing losses to users. At the same time, the browser will also send out "revocation list is unavailable, do you want to continue?" Warning not only slows down the browsing speed of web pages, but also greatly reduces the trust of visitors to the website.

Fourth, the longer the validity period, the easier it is to be cracked.

The validity period of self-signed SSL certificates is extremely long, ranging from several years to decades, and can be issued as many years as you want. SSL certificates issued by trusted CA institutions will not be valid for more than 2 years, because the longer the time, the easier it is to be cracked by hackers. So the long validity period is one of its disadvantages.

Weighing the pros and cons, Anxin SSL Bian Xiao still suggests that websites should not install self-signed SSL certificates. Everything that falls from the sky is basically a trap. Finding a formal and reliable certificate service provider is the truth. Might as well go to Anxin SSL to find out. Brands and models are relatively complete, and you can recommend SSL certificates that are most suitable for your website according to your specific needs.