Who can issue SSL Certificates?
SSL Certificates can be issued by anybody using freely available software such as Open SSL or Microsoft’s Certificate Services manager. Such SSL Certificates are known as “self-signed” Certificates. However, self-signed SSL Certificates are not inherently trusted by customer’s browsers and whilst they can still be used for encryption they will cause browsers to display “warning messages” – informing the user that the Certificate has not been issued by an entity the user has chosen to trust. Warning message IE users will see from a self-signed SSL Certificate Warning message Netscape users will see from a self-signed SSL Certificate Such warnings are undesirable for commercial sites – they will drive away customers. In order to avoid such warnings the SSL Certificate must be issued by a “trusted certifying authority” – trusted third party Certification Authorities that utilize their trusted position to make available “trusted” SSL Certificates.
