IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [self-signed]

Self signed certificates.

58 questions
1
vote
1 answer

Independent C library or function (on Linux) to programmatically generate a self-signed certificate

Is there a simple C library or function to programmatically generate a self-signed certificate in C on Ubuntu? Of course, one can execute a simple system("....") call to execute a CLI. I am looking for a native, small, stand-alone library just for…
asinix
  • 261
  • 1
  • 5
1
vote
1 answer

Chrome: why is invalid certificate usage for resources loaded from localhost disabled?

In chrome there is a flag called: allow-insecure-localhost. As far as I can tell all it does is block localhost connection over tls if the certificate is self signed. Why is this feature turned off by default? Does it affect regular users in any…
user2887596
  • 121
  • 3
1
vote
3 answers

How does server validate that self-signed certificate came from the client who self-signed the certificate in mutual TLS?

I have a mTLS (client authentication) setup where client sends a self-signed certificate. This self-signed certificate is transferred to and trusted by the server. The server's certificate is signed by Let's encrypt and Let's encrypt CA is trusted…
Harry Cho
  • 165
  • 5
1
vote
1 answer

Self Signed Certificate in Certificate of Chain

I setup an internal Root CA with another Intermediate CA, which will issue and sign the certificates for other internal servers. When I did the "openssl s_client -connect :443" it shows the error message that "Self Signed Certificate is in the…
JT Lai
  • 11
  • 2
1
vote
2 answers

Are SAN IP addresses / DNS names useless in self signed certificates by untrusted CAs?

I want to generate a self signed certificate for temporary local testing of a web service via HTTPS. I don't want to install the CA though, because the self signed certificate is generated on the fly with each start of the web service and I'd have…
phlow
  • 11
  • 1
1
vote
1 answer

Self-signed CA certificates - Can we throw away the private keys

I'm rather confused about self-signed certificates. I would be grateful if anyone can clear up my confusion. I'm working with Amazon AWS IoT, and in order to create our own certificates on a device to communicate with the cloud, we must first create…
Engineer999
  • 257
  • 1
  • 8
1
vote
2 answers

Port bound TLS certificates? (1 Self-signed & 1 CA)

For my android game, I want to secure the connection between the server and its clients through TLS certificates on each side, because of the sensitive data that is beeing exchanged through a token based login system and other userdata. Webbrowsers…
Androphin
  • 13
  • 3
1
vote
0 answers

IRC client with ability to verify server's self-signed cert fingerprint

I'm playing around with UnrealIRCd on CentOS. Just went through the config and compiling and got the ircd up and running. When I go to connect to it via HexChat I can only get through by checking the box on HexChat that allows self-signed…
m0p3r
  • 41
  • 6
0
votes
0 answers

Client Identification using Self Signed Certificates

Taking the concept from the Gemini protocol that allows clients to identify themselves using their own self-signed certificate - is this a valid concept that could be used in other protocols and what is the downside? From a client's point of view,…
LittleBobTable
  • 1
  • 1
0
votes
1 answer

Are self-signed certificates better for local usage?

When generating a certificate what would more secure - generating a self-signed certificate using PGP or using a public CA like Let's Encrypt? We are using it for signing and encrypting. What are the advantages and disadvantages?
Munchkin
  • 212
  • 2
  • 10
0
votes
0 answers

Is it possible for a company to buy a signing certificate so that everything it signs (Software,SSL, Documents) states its from that company?

If I work for a company that wants to sign its own certificates for its website, documents and software it writes, is it possible? I have read a couple of post on here from around 10/8 years ago but has it changed much since then? Is it any more…
Definity
  • 109
  • 1
0
votes
1 answer

How to update self-signed server certificate on the clients

We are currently shipping a product to our customers that is server-client-based running on Windows server 2016 (server) and Windows 10 (clients). The server is installed on-premise in our customer's infrastructure. We are always installing the…
Juergen
  • 21
  • 1
0
votes
1 answer

Is there any point in separating private key gen for a self signed certificate?

Disclaimer + Background Since self signed certs are not that popular, here's some context: I have a 3rd party client/server application that we're currently using (inside the LAN!) via unencrypted TCP/IP. (The protocol is proprietary, not…
Martin
  • 1,247
  • 2
  • 12
  • 19
0
votes
1 answer

Implications of using a self-signed certificate to sign JWT tokens in OAuth

I'm looking to setup an integration between GitHub and Service Now and I can use OAuth2 using JWT Tokens, the steps to take can be found here. There is a specific step that states: Create a CA signed certificate using the GitHub App private…
user1876202
  • 159
  • 5
0
votes
2 answers

Required certificate key usage for signing document

What's the required key usage/extended key usage for signing documents, eg.PDF, Word, PowerPoint, Excel, etc... I am going to create a self-signed certificate that is needed to sign those documents. I wonder which key usage is required as there are…
CHOO YJ
  • 103
  • 4
1 2
3
4