Linux

  1. Home
  2. Computing & Technology
  3. Linux

Ubuntu

Documentation

By Juergen Haas, About.com

Types of Certificates

You need a key and a certificate to operate your secure server, which means that you can either generate a self-signed certificate or purchase a CA-signed certificate. A CA-signed certificate provides two important capabilities for your server:

  • Browsers (usually) automatically recognize the certificate and allow a secure connection to be made without prompting the user.

  • When a CA issues a signed certificate, it is guaranteeing the identity of the organization that is providing the web pages to the browser.

Most Web browsers that support SSL have a list of CAs whose certificates they automatically accept. If a browser encounters a certificate whose authorizing CA is not in the list, the browser asks the user to either accept or decline the connection.

You can generate a self-signed certificate for your secure server, but be aware that a self-signed certificate does not provide the same functionality as a CA-signed certificate. A self-signed certificate is not automatically recognized by most Web browsers, and a self-signed certificate does not provide any guarantee concerning the identity of the organization that is providing the website. A CA-signed certificate provides both of these important capabilities for a secure server. The process of getting a certificate from a CA is fairly easy. A quick overview is as follows:

  • Create a private and public encryption key pair.

  • Create a certificate request based on the public key. The certificate request contains information about your server and the company hosting it.

  • Send the certificate request, along with documents proving your identity, to a CA. We cannot tell you which certificate authority to choose. Your decision may be based on your past experiences, or on the experiences of your friends or colleagues, or purely on monetary factors.

    Once you have decided upon a CA, you need to follow the instructions they provide on how to obtain a certificate from them.

  • When the CA is satisfied that you are indeed who you claim to be, they send you a digital certificate.

  • Install this certificate on your secure server, and begin handling secure transactions.

Whether you are getting a certificate from a CA or generating your own self-signed certificate, the first step is to generate a key.

* License

* Ubuntu Server Guide Index

Explore Linux

More from About.com

Browse All About.com

Linux

  1. Home
  2. Computing & Technology
  3. Linux
  4. Linux Distributions
  5. Popular Linux Distros
  6. Ubuntu
  7. Ubuntu Server Documentation
  8. Ubuntu Server Guide - Types of Certificates

©2008 About.com, a part of The New York Times Company.

All rights reserved.