The Root of Certificate Authorities

Ask any cybersecurity professional if using self-signed SSL certificates is acceptable, and they’ll probably say “not really.” Ask why, and we’ll say “we can’t always know who’s behind the screen,” even though we really want to say “Man-in-the-Middle attack.” Then we’d advise that your server use a certificate issued by a Certificate Authority trusted by your users, or one that uses an established Public Key Infrastructure (PKI).

In the reverse scenario, the solution is less straightforward. When the intended user is an average person using a web browser to reach your website, we assume the user will be looking for an SSL certificate, installed on your server, that was issued by a trusted certificate-issuing authority. These authorities are called Root Certificate Authorities (Root CA). They are preinstalled on the user’s computer because some other entity – think Microsoft, Apple, Mozilla, etc. – trusts the user, and the user trusts their operating system to look out for them. This path is the PKI…
