An SSL (Secure Sockets Layer) certificate is required for all SSL transactions, and is required for HTTPS. There are two types of SSL certificates:
- Self-signed certificates generated by the application itself
- Certificates that are signed by a CA (Certificate Authority) such as Verisign or Thawte
DIFFERENCE BETWEEN SELF-SIGNED & CA CERTIFICATES:
The primary operational difference between a self-signed certificate and a CA certificate is that with self-signed, a browser will generally give some type of error, warning that the certificate is not issued by a CA. An example of the self-signed certificate error is shown in the screenshot below.
This is the same warning message you receive when connecting to the Web User Interface (WUI), as the WUI uses a self-signed certificate. Generally, this warning should occur only once per browsing session.
Both self-signed and CA signed certificates provide encryption for data in motion. A CA-signed certificate also provides authentication - a level of assurance that the site is what it reports to be, and not an impostor website.
RECOMMENDED CERT IN DATA360 ANALYZE:
If you use a self signed cert to enable HTTPS, Chrome (or any browser) will warn you about not trusting the site and you'll have to tick a box to get past it. It will still work, however it would be better if users didn't see warnings like that, to avoid confusion. Therefore, we recommend you use a cert from a CA.
It is recommended that self-signed certificates should not be used for public-facing production websites.
They may be acceptable for use in some other cases, for example:
- Intranet sites
- Quality Analysis (QA) sites, where web sites are tested but not presented to the general public
STEPS TO ADD CA CERT TO DATA360 ANALYZE:
Comments
0 comments
Please sign in to leave a comment.