none
ssl connection RRS feed

  • Question

  • Hi All,

    i want implement a solution using ssl and i want to use my own ca.

    i played with the following thought " is the connection still ssl secured even though i have certificate problems ?"

    in browsers like firefox i just tell him to add an exception and i get indication that the connection is secured, is that the case in IE too ?

    if get to the point that i only have a problem with name mismatch, will the connection still be secured ?

    Thanks in advanced,

    Udi

    Sunday, May 18, 2014 2:24 PM

Answers

  • SSL connections basically do two things, 1) encrypt the information being passed between your browser and the server, and 2) confirm that the remote server really is the remote server you think it is. So for instance when I make an online purchase, I want to know that no one can read my credit card information while it's in transit, and also that I really am logged into the shopping site I think I'm on, and not some hackers copy trying to steal my information.

    The first part of that is provided at all times, so yes, if you've created a self signed certificate (or used your own CA) then even if the browser displays warnings about name mismatches the connection itself is still secured, it simply can't valid the certificate to confirm you're connecting to the server you think it is. Obviously if this is for a local setup that's probably not a major issue, it's only really a bit problem where something is accessed publically, since you can't go telling customers "don't worry, just click to carry on anyway and ignore the warning"!

    • Marked as answer by Udi Mo Sunday, May 18, 2014 7:54 PM
    Sunday, May 18, 2014 3:57 PM

All replies

  • SSL connections basically do two things, 1) encrypt the information being passed between your browser and the server, and 2) confirm that the remote server really is the remote server you think it is. So for instance when I make an online purchase, I want to know that no one can read my credit card information while it's in transit, and also that I really am logged into the shopping site I think I'm on, and not some hackers copy trying to steal my information.

    The first part of that is provided at all times, so yes, if you've created a self signed certificate (or used your own CA) then even if the browser displays warnings about name mismatches the connection itself is still secured, it simply can't valid the certificate to confirm you're connecting to the server you think it is. Obviously if this is for a local setup that's probably not a major issue, it's only really a bit problem where something is accessed publically, since you can't go telling customers "don't worry, just click to carry on anyway and ignore the warning"!

    • Marked as answer by Udi Mo Sunday, May 18, 2014 7:54 PM
    Sunday, May 18, 2014 3:57 PM
  • Hi Keith,

    thank you very much for your time and reassurance.

    Best Regards,

    Udi

    Sunday, May 18, 2014 7:59 PM