7

Self-signed certificates... I know you fuckers got them, I see them everywhere. Not cool, bruh

Comments
  • 1
    They are annoying, but are they a security risk?
  • 0
    @gnaaah certificates are supposed to verify identities. This only works if there's a chain of authentications leading to a root Certification Authority such as Verisign et al.
  • 1
    @ReturnVoid Self-Signed certificates also have this feature, except the CA is a small self created one.
    Still don't see a security risk...
  • 2
    Self-signed certificates are still better and safer than no certificate at all
  • 0
    I know that letsencrypt is a new thing in town but 15 minutes of research is all that takes to fix that thing
  • 0
    self signs are good enough for private comms between your server and your app, it's your domain, no need for any public ca.
    but, definitely bad for public websites.
  • 1
    Self signed certs are good for dev environments and nothing else.
  • 0
    Just remember that the CA's root certificate are self signed...
  • 0
    @gnaaah As far as I know, mitm attacks can be carried out on self signed certs without the users noticing. Could be wrong though
  • 0
    @Artemix I literally use it for every domain name at the moment yas
Add Comment