Wolves in sheeps’ clothing
Things often turn out great when you do them yourself. But when it comes to signing SSL certificates, you might want to give that DIY project a second thought. Before digging deep into the risks of using self-signed certificates, let’s spend some time getting re-acquainted with the functions of SSL certificates.
What do SSL certificates do?
The functions performed by SSL certificates can be broadly classified into two categories:
- Encryption: SSL certificates encrypt data in transit using Secure Socket Layer (SSL) protocol. When you reach out to a website, SSL certificates ensure that the communication between you and the website remains private.
- Authentication: SSL certificates certify the validity of an organization, so that users can make sure they’ve reached the correct website and feel safe sharing their private information.
Risks of using self-signed certificates.
SSL certificates are generally signed and issued by trusted third parties called certificate authorities (CAs). CAs verify that website owners really are who they claim to be (that’s right, browsers don’t trust you). If your organization has any public-facing websites, it’s best to use CA-signed certificates. Signing SSL certificates on your own can put you through either one or both of the problems below.
- Browser security warnings: If you’re using self-signed certificates, browsers will display security warnings to visitors on your website, indicating that it is not safe enough for him/her to share private data with your organization. This drastically brings down the trust customers have in your organization and is a huge blow to your reputation.
- Website phishing due to key compromise: Self-signed certificates originate internally, meaning the private keys remain with you. If you don’t keep track of your private keys, chances are high that they might land in the wrong hands. Attackers who have access to your private keys can create a similar certificate, set up a duplicate server, spoof your website, divert internet traffic, and steal your customers’ data. Self-signed certificates can turn into a complete disaster for you and your customers if private keys are compromised.
Read the entire article here, Wolves in sheeps’ clothing « ManageEngine Blogs
Via the fine folks at ManageEngine.
White Papers
Application Lifecycle Management with Stratusphere UX – White Paper
Enterprises today are faced with many challenges, and among those at the top of the list is the struggle surrounding the design, deployment, management and operations that support desktop applications. The demand for applications is increasing at an exponential rate, and organizations are being forced to consider platforms beyond physical, virtual and cloud-based environments. Users […]
Share this:
2018 Will Be The Year of Citrix Migration! eG Innovations and DABCC Survey Reveals Industry Trends for XenApp and XenDesktop 7.x Migration
IGEL Community Releases Free “How-To Install and Configure the IGEL Software Platform” Made Easy Book
IGELl’s Security Enhancements for Thin Clients – White Paper
White Paper: IT Performance Monitoring Tools – Reading Between the Lines
Does Deploying Citrix in the Cloud Make Performance Monitoring Easier? – White Paper