Skip to main content

Self Signed Certificates Vs Signed Certificates (CA Certificates)

Certificates

Certificates basically two categories.
Self Signed Certificates  - will create by self
CA Certificates  - will be  provided by Third party vendor with robust algorithms

Depends on the location of installing the certificate these are two types
1. Public Key Certificates (Client Side)
2. Private Key Certificates (Server Side)

Self Signed Certificates

 
If any one is using self signed certificates in their applications
they have to make sure both server side and client side certificates are in sync.
Other wise we should be ready to face SSLHandShake Exceptions. These will be preferable mostly for lower environments not for production.

CA certificates 


If you install CA certificates on server side, client side certificates are installed automatically whenever they access the server. So in production for CA certificates there is no need to install the client side certificates.

We can generate a Self Signed Certificate using Java Key tool
JAVA_HOME/bin/keytool.exe








Comments

  1. I think openssl also will be useful for generating the certificates. SSL certificates is one of the painful things to configure in dev environment. Need more details..

    ReplyDelete

Post a Comment

Popular posts from this blog

NO SQL Types and vendors in market

NO SQL

KEY - VALUE Store  - Similar to a  MAP.
   e.g. Dynamo DB or REDIS

DOCUMENT Sore  - Similar to KEY-VALUE, value can be JSON/XML and key will be unqiuely idnetified this document.
   e.g. Coutch DB or mongoDB.

Column Store - Multi timentional table, identifying data with row and column numbers.
  e.g.  Cassandra or Apache HBase

Graph Store - Store relation between nodes (record entities). It has better transaction management
e.g. Neo4J and Orient DB.




Spring Reactive Stack