When installing an SSL certificate using the SSL/TLS Certificate Install Wizard, the option of creating a self-signed certificate is available. Unlike certificates purchased from a certificate authority, self-signed certificates can be created quickly and for no cost, making them useful for quick tests or internal servers.
However, although self-signed certificates provide strong encryption, they cannot be used to verify which server is being connected to. For this reason, most web browsers will warn a user if they attempt to connect to a server that's using a self-signed certificate. e.g.:
Web Browser | Sample Warning | More Information |
Microsoft Internet Explorer | There is a problem with this website's security certificate. | About certificate errors |
Mozilla Firefox | This Connection is Untrusted | This connection is untrusted |
Google Chrome | The site's security certificate is not trusted! | Webpage display issues |
Opera | Certificate signer not found | Certificate warning |
To reduce confusion and avoid issues of mistrust, NCH Software recommends that a certificate be purchased from a certificate authority for any server application that will be accessed by the general public.