Shulou(Shulou.com)06/03 Report--

This is a translated article, the provenance can not be found.

If you want to build a successful website, security is one of the key factors, especially for sites that need to collect PIA (personally identifiable information) from visitors.

Consider an e-commerce site that needs to enter a social security number, or, more often, an e-commerce site that needs to add credit card information to complete the purchase, where security comes not only from the expectations of those visitors. is the key to success.

If you are building an e-commerce website, you first need a security certificate to ensure the data security of the server. For the choice of certificate, you can create a self-signed certificate or get a signed certificate from a certificate authority (CA). Let's see the similarities and differences between the two certificates.

Similarity between CA signed certificate and self-signed certificate

Whether your certificate is signed by CA or by yourself, one thing is exactly the same: you will get a secure website. Data sent over a HTTPS/SSL connection will be encrypted and cannot be eavesdropped by a third party.

Since self-signed certificates can also do this, why pay CA?

CA tells your customers that this server information has been verified by the "trust source", and the most common CA is Verisign. CA will verify the ownership of your domain name and issue a certificate, which ensures that the site is secure and legal.

The problem with using self-signed certificates is that almost every Web browser checks to see if the HTTPS connection is signed by a trusted CA, and if the connection is self-signed, it will be marked as potentially dangerous and an error message will pop up, and your customers' trust in the site will be reduced.

Summary: the certificate signed by CA has the dual functions of identity proof and encryption, but because the self-identity is not trusted, the self-signed certificate only has the encryption function, which is used in situations without identity proof.

Under what circumstances can I use a self-signed certificate?

Because they provide the same protection, you can use self-signed certificates in any situation where CA signing certificates are used, but in some cases, such as testing HTTPS servers, you don't have to pay for CA signing certificates just to test the website, just remind testers that their browsers may pop up warnings.

You can also use a self-signed certificate if you need to enter privacy information, such as:

● username and password form

● collects personal (non-financial) information

Of course, only those who know and trust you will use such a site.

So you see, in the final analysis, it is the word "trust". When you use a self-signed certificate, you are saying to the customer, "Please believe me-I am who I am"; when you use a certificate signed by CA, you are saying, "Please trust me-Verisign can prove my identity."

If you are doing e-commerce, you need a CA signature certificate.

If you use a self-signed certificate only for customers to log in to your site, then they may forgive you, but if you ask them to enter credit card or Paypal information, then you really need a CA signed certificate, because most people trust the CA signed certificate, without it, they will not do business through the HTTPS server. So if you want to sell things on your website, invest in certificates, it's just the cost of doing business.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.