
I have some internal services that I need to secure with HTTPS.

What security issues can happen if I use a self-signed SSL certificate and trust it on all clients' systems?

marc_s
heydar dasoomi
  • That depends on who has access to the private key of that self-signed certificate. – Robert Dec 18 '21 at 14:41
  • Just me. I'm going to generate it on servers and keep them there – heydar dasoomi Dec 18 '21 at 14:48
  • Then there should not be a security problem (assuming the private key is a cryptographically strong key (like RSA 2048) and the used hash algorithm is also not weak (SHA-1 is nowadays considered no longer secure)). – Robert Dec 18 '21 at 16:19
  • Why not create your own (root) CA? Using self-signed certs does not scale; any node that is added will need to have the trust in a new certificate established on all nodes. – Maarten Bodewes Dec 18 '21 at 21:02
  • @Robert For 128-bit security and RSA you'd need a 3072-bit key. – Maarten Bodewes Dec 18 '21 at 21:03

0 Answers
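Added example, not part of the original thread: a small POSIX shell check for the two properties the comments single out, RSA key size and signature hash, run over `openssl x509 -noout -text` output. The function names, the `MIN_RSA_BITS` variable and the sample text are assumptions made for illustration; flagging MD5 alongside SHA-1 is an addition beyond what the comments mention.

```sh
#!/bin/sh
# Added example (not from the thread): audit the RSA key size and signature
# hash of a certificate from `openssl x509 -noout -text` output.
# MIN_RSA_BITS is a hypothetical knob: 2048 per the first comment, 3072 per the last.
MIN_RSA_BITS="${MIN_RSA_BITS:-2048}"

# Reads certificate text on stdin. Returns 0 = acceptable, 1 = weak, 2 = unparseable.
audit_cert_text() {
  _text="$(cat)"
  # OpenSSL prints "Public-Key: (N bit)" or "RSA Public-Key: (N bit)" depending on version.
  _bits="$(printf '%s\n' "$_text" | sed -n 's/.*Public-Key: (\([0-9][0-9]*\) bit).*/\1/p' | head -n 1)"
  _pub="$(printf '%s\n' "$_text" | sed -n 's/.*Public Key Algorithm: *\([A-Za-z0-9_-]*\).*/\1/p' | head -n 1)"
  _sig="$(printf '%s\n' "$_text" | sed -n 's/.*Signature Algorithm: *\([A-Za-z0-9_-]*\).*/\1/p' \
    | head -n 1 | tr '[:upper:]' '[:lower:]')"
  if [ -z "$_bits" ] || [ -z "$_pub" ] || [ -z "$_sig" ]; then
    echo "UNKNOWN: could not parse key or signature details"
    return 2
  fi
  _rc=0
  # The size threshold only applies to RSA keys; EC keys use much smaller sizes.
  if [ "$_pub" = "rsaEncryption" ] && [ "$_bits" -lt "$MIN_RSA_BITS" ]; then
    echo "WEAK: RSA key is $_bits bits, below $MIN_RSA_BITS"
    _rc=1
  fi
  case "$_sig" in
    *md5*|*sha1*)
      echo "WEAK: signature algorithm $_sig uses a broken hash"
      _rc=1 ;;
  esac
  if [ "$_rc" -eq 0 ]; then
    echo "OK: $_pub $_bits bits, signed with $_sig"
  fi
  return "$_rc"
}

# Audit a PEM certificate file; requires the openssl CLI.
audit_cert_file() {
  openssl x509 -in "$1" -noout -text | audit_cert_text
}

# Constructed sample: the relevant lines of `openssl x509 -text` output.
SAMPLE_SHA1_2048='        Signature Algorithm: sha1WithRSAEncryption
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)'
printf '%s\n' "$SAMPLE_SHA1_2048" | audit_cert_text || true
```

Run `audit_cert_file server.pem` against each certificate before adding it to client trust stores; set `MIN_RSA_BITS=3072` to apply the stricter threshold from the last comment.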