Käyttäjä:SydelleSeda648
If you manage a site that exchanges private information using the site users, for example an e-Commerce site, you probably realize that you should be using the Secured Socket Layer (SSL). SSL enables a secured, encrypted, link between your internet server and the user's browser. This involves that you simply get the SSL Certificate.
But there are a lot of SSL Certificate providers with a number of choices. Certificate providers charge varying prices each year for different products. If you have multiple internet sites the expense can add up.
However, you will find free Certificates available. They provide a secure, encrypted connection much like other SSL Certificates. So, why wouldn't you pay when you are able use a free certificate?
Good question!
All things being equal, free is my personal favorite budget range!
It is extremely tempting to choose the free "self-signed" Certificates and it could be all that's necessary. However, everyone knows about what happens when you are penny wise!
When a user connects to an SSL site a message is sent using the certificate information required to setup the secured connection. It must range from the name of the certificate "signer" which is either:
the creator from the certificate (self-signed) or a 3rd party known as a Certificate Authority.
A Certificate Authority provides assurances the site the user thinks they're connecting to is in fact that site. There are scams where hackers trick users into thinking they're attached to one site and they're actually communicating with another. Users may provide personal and financial information to criminals engaged in fraud. Self-signed certificates leave your users susceptible to these predators.
Due to this, most browsers will display a warning message that the site might be unsecure. The user can bypass the content, but it does not leave the user having a warm and fuzzy feeling concerning the site. And also the message is correct. In case your web site has been hacked by a scammer your users are in peril if they proceed.
So, when in the event you use self-signed certificates?
I'd only use them on internal site, intranet sites. For instance, if you have labs which are testing sites that require SSL it can save you some cash by using self-signed certificates.
I'd never use a self-signed certificate on the web, "customer facing" as we say. The danger is just not worth it and also you risk alienating your users. If you're a commercial site servicing customers, that free certificate will finish up being very costly.
