Collaborate Disseminate
Taking the concept from the Gemini protocol that allows clients to identify themselves using their own self-signed certificate – is this a valid concept that could be used in other protocols and what is the downside?
From a client’s point … Continue reading Client Identification using Self Signed Certificates
When generating a certificate what would more secure – generating a self-signed certificate using PGP or using a public CA like Let’s Encrypt? We are using it for signing and encrypting.
What are the advantages and disadvantages?
Continue reading Are self-signed certificates better for local usage?
How insecure are self-signed certificates?
Why does Tor still use them?
Continue reading How insecure are self-signed certificates? Why does Tor still use them?
Aren’t self-signed certificates vulnerable against MITM attack? What measures did Tor take to prevent MITM attack against self-signed certificates?
Continue reading Why does Tor use self-signed certificates? Isn’t it insecure?
In the near future, I will have about 50 remote computers to manage. These will be physical PCs running Debian 11, distributed all over the country. They will automatically perform a special kind of measurement repeatedly, and upload the r… Continue reading Reverse Shell for managing unreachable remote computers
If I work for a company that wants to sign its own certificates for its website, documents and software it writes, is it possible? I have read a couple of post on here from around 10/8 years ago but has it changed much since then?
Is it an… Continue reading Is it possible for a company to buy a signing certificate so that everything it signs (Software,SSL, Documents) states its from that company?
I created TLS via AWS private CA and cert-manager then set it in Kubernetes from this blog:
TLS-enabled Kubernetes clusters with ACM Private CA and Amazon EKS
In this way we can access the application service via self-signed CA(PCA) but th… Continue reading How to create a TLS-enabled Kubernetes service with AWS ACM/PCA for a common application?
We are currently shipping a product to our customers that is server-client-based running on Windows server 2016 (server) and Windows 10 (clients). The server is installed on-premise in our customer’s infrastructure. We are always installin… Continue reading How to update self-signed server certificate on the clients
Disclaimer + Background
Since self signed certs are not that popular, here’s some context:
I have a 3rd party client/server application that we’re currently using (inside the LAN!) via unencrypted TCP/IP. (The protocol is proprietary, not … Continue reading Is there any point in separating private key gen for a self signed certificate?
I am trying to understand the security problems when working with a game that needs an account for its players.
What is the problem of using a self-signed certificate?
If I understand the problem correctly, it’s just that if the server pri… Continue reading What is the problem of using a self signed-certificate for a game?