IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [self-signed]

Self signed certificates.

58 questions
2
votes
1 answer

Securing HTTPS between two local applications on same system

I would like to know how to securely setup HTTPS between two applications running on the same workstation in a production environment please: A local server application (C#) A web frontend which accesses the local server through a browser (packaged…
bemo
  • 25
  • 4
2
votes
1 answer

Any disadvantages to long-lived self-signed certificates for personal use?

I run my own IMAP server on my own machine, and am the only user of it. The server uses a self-signed certificate that I generated with OpenSSL. I don't use the certificate for any other purpose. I connect to the server only from the local…
Psychonaut
  • 615
  • 4
  • 14
2
votes
2 answers

How do clients extract the public key from a self-signed certificate?

I have gone over: Why do we need to sign the self-signed certificate? Basic self-signed certificate questions Is a self-signed SSL certificate much better than nothing? I am new to cryptography and security. I am trying to understand the point of…
Sheel Pancholi
  • 121
  • 4
2
votes
2 answers

Where to put SAN

Where SAN means: Subject Alternative Name. I feel I have a basic misunderstanding in which certificate the SAN stuff shall go: ca or server or both or what? It might be 3 Years or more in the past, where chrome / chromium browsers required the…
woodz
  • 131
  • 1
  • 6
2
votes
1 answer

Should I stop using DSA key algorithm self-signed certificates in production in favor of RSA Certificates?

We use a self-signed certificate with DSA key algorithm (and RSA signature algorithm) for securing a Kafka cluster in production. The access to the Kafka servers is already limited (by firewall) by allowing access only to specific IP subnets. The…
avm
  • 21
  • 4
2
votes
2 answers

Certificate verification fails for self-signed certificate

I'm trying to use a service that uses a self-signed cert. Download the cert: # printf QUIT | openssl s_client -connect my-server.net:443 -showcerts 2>/dev/null > my-server.net.crt Check that it's self signed (issuer and subject are the same): #…
little-dude
  • 137
  • 1
  • 6
2
votes
2 answers

HSTS doesn't work on browser when dealing with a self-signed certificate

We have a web portal and I need to add HSTS header in the response. Ours is an on-premise solution, so we use a self-signed certificate. I have added the hsts header in the response & I need to check whether it really works. I understand that for…
Abhishek Sharma M
  • 117
  • 2
  • 6
2
votes
1 answer

Is it wise to remove redundant self-signatures from my PGP key?

I have changed expiration date of my pgp key several times. Recently I looked at it and started to worry about the mess I can see there: $ gpg --list-sigs AAAAAAAAAAAAAAAA pub 4096R/AAAAAAAA 2014-11-23 uid Foo Bar…
abukaj
  • 273
  • 2
  • 7
2
votes
2 answers

typical purpose of self-signed certificates

I am trying to understand the typical purpose of a self-signed certificate. Reading this link on self-signed certificates and link on DV certificates I believe there is no information contrasting them so I infer that a self-signed certificate…
H2ONaCl
  • 924
  • 3
  • 10
  • 21
1
vote
1 answer

Why a public key must be signed with its private pair in PGP

I know about the trust web in PGP. When you sign a key, everybody that trusts you will trust the person with that key. But what is the point of self-signing a key when anybody else can do that with his own key-pair?
Fish_n_Chips
  • 11
  • 1
1
vote
1 answer

How insecure are self-signed certificates? Why does Tor still use them?

How insecure are self-signed certificates? Why does Tor still use them?
Gaai Chia
  • 71
  • 6
1
vote
3 answers

Self-Signed Certificates with SSL

Today I was playing around with an SslStream implementation in C#, and was able to create a client/server connection over TCP. Also to verify it, I used wireshark to ensure that the data was in fact encrypted, but I have a couple of…
michael b
  • 111
  • 5
1
vote
1 answer

Possible to create a self-signed certificate with AIA extension using PowerShell or openssl?

I am able to use the PowerShell New-SelfSignedCertificate cmdlet to create a self-signed cert just fine, but I'd like to create one with an AIA extension and give it an OCSP responder URL. There is a cmdlet parameter called -Extension, but the docs…
ericOnline
  • 297
  • 2
  • 6
1
vote
0 answers

What is the job on each file and command when creating self signed certificate

I had to create a self-signed certificate for client-server application but I do not understand what each file and command means and how the client and server work together to do the mutual SSL handshake. I follow those commands: creating…
user63898
  • 111
  • 1
1
vote
2 answers

HTTPS IP devices and certificate best practices, why can't I sign a certificate for my local ip device?

I have a IPv4 network behind a pfSense firewall at my small business. We have around 200 IP devices on the network. We have about 30 Axis IP cameras which have MJPG streams embedded into webpages as img tags. The webserver is internal and external…
David Sindar
  • 11
  • 2
1
2
3 4