We use cookies to understand how you interact with our site, to personalize and streamline your experience, and to tailor advertising. By continuing to use our site, you accept our use of cookies and accept our Privacy Policy.

Your Digital Commerce Experts
Nexcess Logo

What is a self-signed SSL certificate?

September 09, 2019

A self-signed SSL certificate does not use the chain of trust used by other SSL certificates and is most often used to perform internal testing without the effort of acquiring a standard SSL certificate.

Definition

Standard SSL certificates are issued and verified by a trusted Certificate Authority (CA). They are required to operate websites using the HTTPS protocol favored by most reputable eCommerce retailers. Such certificates employ a chain of trust, in which each certificate is signed and trusted by a more credible certificate. This chain extends all the way up to root-certificates, which can only be provided by a finite selection of Root CAs such as Comodo, GeoTrust, Verisign, and others.

Self-signed SSL certificates avoid this chain of trust as they are signed by the entity requesting the certificate rather than a CA. Unlike CA-issued certificate, self-signed certificates are free to acquire, but they are generally only used for internal testing.

Appropriate use

It is generally inadvisable to use a self-signed SSL certificate on any website accessible by the public. Most browsers will notify users that such a certificate cannot be verified, scaring most visitors away almost immediately.

By its very nature, a self-signed certificate is easier to forge than a CA-issued certificate. Most professional, public domains should avoid such negative connotations and instead purchase a standard SSL certificate from a trusted CA.

Because they are free, self-signed SSL certificates see more use on internal test sites, when a company may advise employees to ignore the browser warnings. However, this still poses some risk because such a policy can encourage unsafe public browsing habits, which may then carry over to public browsing.

For 24-hour assistance any day of the year, contact our support team by email or through your Client Portal.

Jason Dobry