Is a self-signed SSL certificate much better than nothing?

Self-signed certificate means that:

  • You are still using SSL, so you use encryption, so you are defeating passive attackers: someone who wants to see your secrets will have to commit visibly to the effort, by mounting a fake server or a man in the middle attack.

  • On the client side, you can use "direct trust", i.e. specifically instructing your browser to trust the specific server's certificate. The first connection to the server is vulnerable to a MitM, but afterwards you are protected. See this answer for some discussion.

So yes, in many situations, SSL with a self-signed certificate is much better than no SSL at all. Of course, "better" and "good" are not the same thing...

A client-side certificate is about convincing the server of the client identity. A fake server is able to ask for a client certificate just like the genuine server, so no improvement here. A client-side certificate can help against MitM, though, if the genuine server is educated to require a valid client certificate (a true MitM is a double-impersonation: the genuine server talks to a fake client, and the genuine client talks to a fake server; if the server requires a client certificate, then half of the MitM won't work, namely the part with the fake client).


Well, it does give more security, if you trust that the entity that signed their own certificate is who they say they are. Since that's you, it's pretty straightforward, assuming you can be sure that nobody else has ever had unfettered access to that certificate.

Certificate signing by a public CA is a means to provide evidence of identity to more or less complete strangers that are trying to find the "real" Facebook, or Bank of America, or eBay. When connecting for the first time, or even the first time in a while, they can have no assurances that the IP address the DNS server returned is really correct. So, the server on the other end sends its certificate, matching the IP address to a name and providing proof that the data on that certificate has been vouched for by someone else, who in turn has a certificate that's been vouched for by a third party, and so on up to a small number of "trusted roots" that you simply have no choice but to trust if you are to trust anyone at all.

Since your server and your client can be "introduced" in a secure environment, where you can sit in a single chair in a single room, export a generated key file from your server's certificate store and import it into your client computer as a trusted personal certificate, with every machine, wire and thumb drive involved sitting right there in front of you, this "first time" connection actually happens offline. From then on, when you connect remotely over a network, you can verify the identity of your server, because it presents exactly the certificate your client machine was told to trust. This method is called "certificate pinning" and it is used all the time in situations like yours, where one computer you control needs to prove it's talking to another computer you control.

Once you've answered the trust question, the tunnel created for confidentiality between your two computers using a self-signed certificate is no different than one created using a CA-signed certificate. Your client asymmetrically encrypts and sends a request to establish a symmetric encryption channel of a specific type by using a predefined key exchange method, the server decides whether it wants to use that method, and if so it responds with encrypted information that allows the client to complete the channel on their end (or simply an encrypted acknowledgement, if the "key exchange method" was simply for the client to send the server the key they wanted to use).


Is it more secure than HTTP?

Yes, it is. HTTP will be transfering your data via plain-text while a self-signed certificate will provide the protection by encrypting your data.

Do verified certificates provide more security?

Where I think not having a verified certificate may be a problem is with Man in the Middle attacks. If your computer doesn't know that the certificate is trusted, via an authority or already stored certificate, it is possible for someone to intercept traffic decrypt, read, and re-encrypt it using their own SSL keys and certificates. Of course if you have your certificate stored as trusted on the computer you're using it would show an alert if it was a man in the middle attack.

You will also want to make sure your private key is protected very well because you loose revocation that many CAs provide.

Tags:

Tls

Related

What are the security implications of enabling UPnP in my home router? Is Torrent safe for sharing legitimate files (file verification)? Does it use SHA1 or SHA256? How is storing an API secret key in plaintext (in a database) secure? Why would a remote desktop connection harm my PC? How can I make sure the mic input of my laptop/computer/cell is not secretly scanned for keywords and sent to the government? Detecting Tor proxy by reading request headers Is there a way to verify a binary against the sources? Prevent my site from being copied SQL injection using letters and numbers? How risky is connecting to a hidden wireless network? Can someone explain what exactly is accomplished by generation of DH parameters? Can a nation-state adversary perform a MITM attack by compelling a CA to issue them with fake certs?

Recent Posts