Home page logo

basics logo Security Basics mailing list archives

Re: SSL Server IDs
From: Nicholas Diotte <xphox () xphox net>
Date: 19 Nov 2003 19:58:04 -0000

In-Reply-To: <BAY5-F294OxAA8lCaHp00014078 () hotmail com>

I'm sorry, I should have mentioned.  This will be used for internal servers, ranging from our Trouble Ticket System, 
KVM IP Switches, to our IIS/Apache servers.  However we are a Financial Institution, which leads me to believe self 
sign certs may not be an options.  That is why I need to learn as much as possible regarding SSL certificates.  In the 
past for my personal use, I've always used self signed, however are their drawbacks... etc..


How big is your company?  If it's small and most of the usage is internal, then self-sign using a certificate authority 
and then trust the certificate authority through their browsers.  But if you have many external customers, then it'll 
increase their confidence in your sites if you use Verisign, whether they are secure or not.  My 2 cents.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]