I know that if I use a self-signed cert, browsers will warn the user about it, but I want to know whether, from a security viewpoint, a self-signed cert is as secure as one from a certificate authority (CA)?

boleslaw.smialy
Alireza

  • What is the specific usage scenario? Do the users know the site, the webmaster? – curiousguy May 31 '12 at 09:40
  • It is not for internal usage. Suppose we have a commercial website. @curiousguy – Alireza Jun 01 '12 at 09:55
  • Customers certainly expect a regular "verifiable" certificate. Self-signed is not an option. – curiousguy Jun 01 '12 at 13:19
  • Given the way modern browsers kick up a fuss over certification issues. A self-signed certificate will pretty much block most users from your site. Certain versions of chrome will actually not let you visit the site. – lynks Dec 04 '12 at 15:30

8 Answers

Features

A self-signed certificate is capable of having the same security features (encryption, extended validation, permitted usage) as a certificate issued from a leading issuer such as VeriSign or GeoTrust. These options need to be set when the certificate is created.

Trust

However, the purpose and the advantage of Public Key Infrastructure (PKI) (such as an Internal Certificate Authority used inside an enterprise, VeriSign/Symantec, GeoTrust, and many more) is that there is an existing trust relationship between the client and the certificate issuer (e.g. VeriSign). The client (people and browser) trusts that the issuer has checked you out and has verified you are who you say you are. Certificate issuers have stringent security practices that they have to maintain. This type of relationship is not replicated with a self-signed certificate.

You can install a self-signed certificate into a browser (needs to be done for each browser) to make it recognise the certificate as trusted.

If you do not do this step the user has no way of knowing the certificate has changed unless they manually inspect the certificate. This could be dangerous because someone could intercept the transmission (man-in-the-middle) and the user would not know the certificate/host was the wrong one.

Summary

When looking at functionality alone, a self-signed certificate offers neither more nor less security than one issued from a leading certificate authority.

Websites are for users, and certificate trust is important so the user knows your website is who it says it is.

My personal opinion is that the trust and ease of deployment gained by using a public issuing authority is very important for a public web site, especially if you don’t have an existing close relationship with the people visiting it.

A self-signed certificate may be suitable for limited internal development / testing.

An internal Certificate Authority for use is a good solution for enterprises who use certificates internally and have an expertise in PKI.

Hope that helps

Matt Smith
Bernie White

  • Thanks. Different answers have been given: you say that from a security standpoint it does not differ, but the others (@Mike Scott and @olvrlrnz, ...) mentioned that it is not. I'm in the dark now! – Alireza May 31 '12 at 12:35
  • They are both correct in part, but have failed to mention that if you install the certificate in the browser, the client is aware that the certificate is different. The problem is there is no existing trust with a self-signed certificate. The user has no real way of telling if they are connecting to or installing the right certificate if trust does not exist. – Bernie White May 31 '12 at 19:20
It's not secure, because it makes you vulnerable to a redirection or man-in-the-middle attack. Any attacker can create a self-signed certificate for your domain, and your users won't be able to tell that they've received the wrong one if they're taken to the attacker's site instead of yours.

Mike Scott

  • You said: `Any attacker can create a self-signed cert for your domain`. Are you sure about this? Do you have any solid proof? – Alireza May 31 '12 at 12:31
  • Yep, go create one. OpenSSL's free and you can experiment with spoofing your own site. – Fiasco Labs May 31 '12 at 14:57
As you already said, the browser will issue a warning to the user. This makes it possible to man-in-the-middle the connection. Certificates are about trust and your self-signed certificate lacks the trust-chain you normally get with a CA-signed cert. Consider this: if the client is going through my router to connect to your website, I can intercept the communication, generate a cert on the fly (for the client) and talk to your server using your cert. It would still look the same for the client but on my router I have the unencrypted traffic.

olvrlrnz
When we talk about security, self-signed and CA-signed certificates provide the same 256-bit encryption to your website. But SSL is not only used for security; it also refers to authentication and user trust.

Drawbacks of a self-signed certificate:

A self-signed certificate and a signed certificate carry equal encryption strength, but beside this encryption, a self-signed certificate holder will have a few drawbacks from using a self-signed certificate.

  • A self-signed certificate is ideal for internal testing purposes, while a signed certificate can be used for internal and external environments.

  • A self-signed certificate does not support PKI (public key infrastructure), which builds trust between the user and the certificate issuer by assuring the user that a particular signed certificate is valid and offered by a reputed CA (certificate authority).

  • The browser will throw a warning when encountering a self-signed certificate; on the contrary, signed certificates already have their root certificates implemented in the browser, hence there will be no browser warning during the visit to a website.

  • If you are dealing with an eCommerce, financial or banking website, then users will not trust a self-signed certificate; in that case, you need to go with a signed certificate.

  • You cannot revoke a self-signed certificate. If the private key of a self-signed certificate is compromised, then attackers can easily customize the certificate.

  • If an attacker performs a man-in-the-middle attack, a user interacting with the browser could not know that the certificate has been changed and is used by the attacker until the user inspects the certificate manually. The attacker can thus sniff ongoing transaction details.

  • When users face security warnings due to a self-signed certificate, they may understand that the website is not capable of securing their personal information, and they would move away from the site.

  • While dealing with self-signed certificates in an internal environment, employees are advised to ignore security warnings; as a result, they tend to ignore warnings in the long run even when browsing public sites, which may leave the organization vulnerable.

A self-signed certificate is available for free, while you need to pay a few bucks for a signed certificate. Overall, you will have authenticity, trust, and encryption with a signed certificate, which can be a great advantage for any online business website.

Please read this article my company published to know more about the risks in self-signed certificates.

  • Jason - good answer, but when linking to your organisation's pages, please declare your interest, otherwise your posts may get closed as spam as self promotion is frowned upon here. – Rory Alsop Jul 25 '16 at 07:53
  • Hello @RoryAlsop – thanks for your consciousness. The motto of given information and/or link is mere to spread awareness about the difference between a self-signed certificate and a signed certificate. The participant is here to share knowledge on niche subjects rather than involving in any self-promotion. – Jason Parms Jul 26 '16 at 11:59
  • Hi Jason - I get that, and I had a quick look at your other answers. If it was shameless self promotion I would have wiped them. I think your answers are good, just please make sure folks are aware that you work for ssl2buy and we're fine with it. You'll see my edit was very minor. – Rory Alsop Jul 26 '16 at 12:10
  • @RoryAlsop - Yes, anyone can find my relationship with SSL2BUY by visiting profile page. I generally share links to provide detail information on particular subject. – Jason Parms Jul 26 '16 at 12:18
If all your users know you and are confident in you, you can build your own CA for free. OpenSSL for example offers you all you need for that:

  • you first build a self-signed root certificate
  • you optionally use that root certificate to sign an intermediary certificate that you use in following steps or directly use the root
  • you send that certificate to all your users asking them to put it in the list of their trusted authorities
  • you use it to sign site certificates.

The difference is only legal. If you own the CA and the site there is no trusted third party.

Serge Ballesta
As trust in PKI is somehow broken (Comodo etc...), CA-signed certificates should give you no popups :)

For internal usage there's no need for CA signed certs.

jirib
The funny part of all this is that in all the hosting companies I have worked for I have NEVER HEARD OF Verisign, Comodo, or any other Certificate Authority calling to check that the information provided by their customer is true. They check that the credit card charges properly, and might check that the billing address matches what the customer said TO BILL THE CREDIT CARD, but NOT to issue a certificate. So while the 'trusted relationship' is implied, it is rarely ACTUALLY THERE! Yep, generating your own cert is ok for internal stuff, but for public facing stuff, where customers will be buying, you need to use a public certificate authority issued certificate. Customers don't understand any of this, nor should they have to, but they are trusting that the Verisign company is trustable (even though they don't check certs before issuing them, they're made by a computer..not a human). Hope this helps.

  • +1 thanks, so you mean hosting companies that you have worked for don't offer Verisign, but they charge customers for the Verisign cost. Is that what you say? – Alireza Jun 01 '12 at 09:53
  • I have been called several times. And my director was called for EV. I have also been asked to supply an official letter from domain owners when the domain I was issuing was not directly owned by my department. My experience is they do check. – Bernie White Jun 02 '12 at 01:07
It is the CA's role to deliver certificates to the various users. If the CA is compromised, any certificate from that CA will be revoked, i.e. it will be invalidated.

Gilles 'SO- stop being evil'
Mely

  • 1. This is an international site, so in practice an English-speaking one. 2. Good point about revocation being easier to manage through institutional channels, but considering how rarely revocation works as intended, I don't see it as a very strong argument. – Gilles 'SO- stop being evil' Jun 01 '12 at 17:10