At the risk of redundantly repeating what's already been said, you pay a CA like Verisign to give you a certificate that people who don't know you (i.e. your company) well enough to trust you will accept.

Obviously for internal organisational matters you trust yourselves :-)

I created a self-signed certificate for a website of ours that's available over the public internet through SSL but that only company staff have authentication details for.

The implications, it's worth noting, are that most browsers ship having been preset to automatically trust certificates from the major CAs - so when you connect to Amazon to make a payment, the lock appears, the protocol changes to 'HTTPS' and you don't notice anything else. If your certificate is self-signed then anyone who's expected to accept it will have to do so, as their browser will flag it as not being listed in their internal DB.

It's a lot more obvious, in other words, and requires explicit acceptance from the user.
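
The trust-store behaviour described in this answer, as an added example that is not part of the original post: it creates a throwaway self-signed certificate with the `openssl` CLI and verifies it first against the system's default CA store, then with the certificate itself installed as a trust anchor. The hostname `staff.example.test` and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example; requires the openssl command-line tool.
# staff.example.test and all file names are constructed placeholders.

workdir=$(mktemp -d)
trap 'rm -rf "$workdir"' EXIT

# Create a short-lived self-signed certificate: the key signs its own cert,
# so no CA is involved and issuer == subject.
make_self_signed() {
    openssl req -x509 -newkey rsa:2048 -nodes \
        -keyout "$workdir/key.pem" -out "$workdir/cert.pem" \
        -days 1 -subj "/CN=staff.example.test" >/dev/null 2>&1
}

# Report whether a certificate names itself as its issuer.
classify() {
    subj=$(openssl x509 -in "$1" -noout -subject | sed 's/^subject= *//')
    iss=$(openssl x509 -in "$1" -noout -issuer | sed 's/^issuer= *//')
    if [ "$subj" = "$iss" ]; then echo "self-signed"; else echo "ca-issued"; fi
}

# Verify against the default CA store, which has never seen this certificate.
# This is the case where a browser shows its warning.
verify_default() {
    if openssl verify "$1" 2>/dev/null | grep -q ': OK$'; then
        echo "trusted"
    else
        echo "rejected"
    fi
}

# Verify with the certificate itself supplied as a trust anchor, the
# equivalent of staff explicitly accepting or importing it.
verify_pinned() {
    if openssl verify -CAfile "$1" "$1" 2>/dev/null | grep -q ': OK$'; then
        echo "trusted"
    else
        echo "rejected"
    fi
}

make_self_signed
echo "type:          $(classify "$workdir/cert.pem")"
echo "default store: $(verify_default "$workdir/cert.pem")"
echo "pinned:        $(verify_pinned "$workdir/cert.pem")"
```

When distributing such a certificate to staff, have them compare its fingerprint (`openssl x509 -in cert.pem -noout -fingerprint -sha256`) against one obtained out of band before accepting it.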