Larry Stone wrote, at 11/19/2008 01:50 PM:

> You have a client connecting to a server with your self-signed
> certificate (signed by a CA of your own creation). Connections to it do
> not generate verification failures. Does the client have your
> self-created CA's root certificate on it? If so, then it can verify the
> self-signed certificate.

By definition, a self-signed certificate is a certificate signed with
its own key, not one you sign "yourself". If you create your own CA and
sign certificates with its key, verification of those certificates only
depends on your root CA certificate being trusted. This allows you to
distribute a single certificate to verify an unlimited number of signed
certificates. Obviously, deploying a single self-signed certificate per
host doesn't scale well.

> As near as I can understand, the only practical difference between
> certificates signed by a well-known CA and one signed by your own CA is
> how widely distributed you can expect the CA root certificate to be.

True.

> For
> a well-known CA, you expect every Internet connected computer to have
> the root certificate. For a self-created CA, you can only expect to find
> the root certificate on client systems you've put it on (which is why I
> keep a copy of my self-created CA's root certificate on my keychain
> drive). A self-created CA root certificate, once installed on a client
> system, has the same status as a root certificate from a well-known CA.

Yep. Which is why you shouldn't rule out a serious ass-whooping if
someone catches you installing your CA root certificate in their client
without permission. :)

It's far better for me to create an exception for the few hosts using
your CA than to unquestionably accept any certificate it has signed,
setting the stage for a possible man-in-the-middle attack.
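
The per-host exception described in the message above, as an added example that is not part of the original post: an exception binds one host and port to one exact certificate, so a different certificate for that host, or the same CA's certificate on another host, is refused. `ExceptionStore`, the host names and the byte strings standing in for DER certificates are assumptions made for illustration.

```python
import hashlib
import hmac
import socket
import ssl

# Constructed stand-ins for DER-encoded certificates (not real certificates);
# the fingerprint check treats a certificate as opaque bytes.
CERT_MAIL = b"constructed-der: CN=mail.example.internal, issuer=Private CA"
CERT_ROGUE = b"constructed-der: CN=mail.example.internal, issuer=Private CA, other key"


def fingerprint(der: bytes) -> str:
    """SHA-256 fingerprint of a DER certificate, as lowercase hex."""
    return hashlib.sha256(der).hexdigest()


class ExceptionStore:
    """Per-host certificate exceptions: (host, port) -> one exact certificate."""

    def __init__(self):
        self._pins = {}

    def add(self, host: str, port: int, der: bytes) -> None:
        self._pins[(host.lower(), port)] = fingerprint(der)

    def accepts(self, host: str, port: int, der: bytes) -> bool:
        pinned = self._pins.get((host.lower(), port))
        # No exception recorded for this host: refuse, whoever signed it.
        if pinned is None:
            return False
        return hmac.compare_digest(pinned, fingerprint(der))


def fetch_der(host: str, port: int, timeout: float = 5.0) -> bytes:
    """Fetch the peer certificate without chain validation, for pin checking only."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True)


def connect_allowed(store: ExceptionStore, host: str, port: int) -> bool:
    """True only if the certificate served now is the one the exception was made for."""
    return store.accepts(host, port, fetch_der(host, port))
```

`fetch_der` and `connect_allowed` need a reachable TLS server; the store itself can be exercised offline with the constructed byte strings.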

