1

I have done some research and I learned that both PFX files and SSL certificates are X.509 certificates. Then I wondered: can I purchase only one certificate (PFX/SSL/CER) and use it for many purposes? I need to do the following:

  • Allow HTTPS/SSL on my website (very important)
  • Sign PDF documents (very important)
  • Sign EXE/MSI files (important)
  • Sign e-mail messages (optional)

Do I need to purchase one certificate for each purpose? Or can I use only one certificate?

Thanks

ThiagoAlves
  • 1,313
  • 16
  • 25

1 Answers1

2

SSL certs and Code Signing certs are different animals and can't be used interchangeably. One certifies a publisher and one certifies a fully qualified domain name.

Christopher Painter
  • 54,556
  • 6
  • 63
  • 100
  • 1
    Also I would add that secure email is different certificate as well. – Crypt32 Jan 26 '15 at 16:01
  • Thank you! Maybe an alternative would be to create a certificate issued by my own CA, like that? http://stackoverflow.com/questions/9428335/make-your-own-certificate-for-signing-files/9685605#9685605 – ThiagoAlves Jan 26 '15 at 17:12
  • 1
    You can create your own certs but they won't be very useful if other people don't trust them. – Christopher Painter Jan 26 '15 at 17:22