SSL Differences

OverloadedTech · June 16, 2021, 10:46am

Hi, where are the differences to a Self Signed SSL and of a Standard SSL?

VisualKitten · June 16, 2021, 10:51am

Both have https:// but a Self Signed SSL doesn’t have any encryption while a standard SSL has strong cipher suites and encryption. If a site uses Self Signed SSL it will not be trusted by the majority of browsers…

Fristender · June 16, 2021, 10:52am

Also if you are using Cloudflare, DO NOT use the Cloudflare thing in Cpanel. Use Cloudflare from the Cloudflare website. Also, do not use full (strict) in cloudflare because you cannot install Cloudflare’s Origin CA Certificate.

alexvf · June 16, 2021, 10:54am

A Self-signed SSL Certificate is an SSL Certificate that is issued by the individual using it. It’s issued with software that the user has and controls. This can be good for testing environments but it’s got some major drawbacks. When a browser receives an SSL Certificate it’s looking for it to be issued by a party it trusts. When you sign your own certificate you’re essentially vouching for your own identity.

A Trusted CA Signed SSL Certificate (CA Certificate) is an SSL Certificate that’s been authenticated by one of the trusted Certificate Authorities that are authorized to issue them. These CA’s are trusted by the browsers because they meet all the requirements that have been set for issuing SSL Certificates and they have safeguards in place to mitigate mis-issuances and other sorts of fraudulent behavior.

OverloadedTech · June 16, 2021, 1:36pm

But because a Self Signed certificate is detected by browsers (like chrome) coem untrusted

alexvf · June 16, 2021, 1:40pm

It depends on how you use it.

For example, I use one self-signed certificate from InfinityFree between my hosting and Cloudflare.
But I use a Cloudflare trusted CA certificate between Cloudflare and my website’s viewers.

This way, all my users only see the trusted certificate and never see the self signed certificate, because it only works between InfinityFree and Cloudflare.

OverloadedTech · June 16, 2021, 2:12pm

But a self signed does support https?

alexvf · June 16, 2021, 2:13pm

Yes, it supports HTTPS. But most, if not all, browsers don’t trust it.

TigerMANEK426 · June 16, 2021, 2:21pm

The key difference is that a self-signed doesn’t have a trusted root CA. Browsers read the Certificate and look for a Root CA. If none is found, then the browser can’t ensure the connection as it not be signed by a trusted provider.

The structure of a certificate is like this:

--| domain certificate (issued by 'example')
----| certificate for 'example' (issued by 'exampleCA')
------| certificate for 'exampleCA' issued by 'exampleCA'

Without this chain, a browser cannot ensure the secure connection between the device and server.

OverloadedTech · June 16, 2021, 2:35pm

Ok

system · July 1, 2021, 2:35pm

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.