Win a copy of Svelte and Sapper in Action this week in the JavaScript forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Bear Bibeault
  • Junilu Lacar
  • Jeanne Boyarsky
  • Tim Cooke
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • salvin francis
  • Frits Walraven
  • Scott Selikoff
  • Piet Souris
  • Carey Brown

Some queries regarding Digital Certificate!

Ranch Hand
Posts: 177
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi All,
Below are my doubts. Sorry for long queries:

Q. "A self signed certificate is a certificate that is signed by the person creating it rather than a trusted certificate authority. Free self signed certificates can enable the same level of encryption as a $1500 certificate signed by a trusted authority, but there are two major drawbacks: a visitor's connection could be hijacked allowing an attacker view all the data sent (thus defeating the purpose of encrypting the connection) and the certificate cannot be revoked like a trusted certificate can. " What it means? If connection is secure then how the data can be hijacked?

Q. "Any attacker can create a self signed certificate and launch a man-in-the-middle attack. If a user just accepts a self signed certificate, an attacker could eavesdrop on all the traffic or try to set up an imitation server to phish additional information out of the user. Because of this, you will almost never want to use a self signed certificate on a server that requires anonymous visitors to connect to your site." what I got is, attacker can create a fake server with his own signed certificate and get all the data. But what the last line means about anonymous visitors?

Q. Diff between keytool and openssl? Can we do all the work (create keys/sign/import) with a single tool?

Q. "self-signed certificate is not used in SSH public key authentication". what it means? If it is not used in authentication then what is the purpose of self-signed certificate?

Q. When the public key is getting created? while setting the java keystore with keytool or while creating certification request? Can I see the public key in certificate?
    Bookmark Topic Watch Topic
  • New Topic