In this article, we will explain about Self Signed Certificate and the steps you need to follow when you see self signed certificate warnings when connecting to your own VPS or Dedicated server.
What is a Self Signed Certificate?
A self signed SSL certificate is an SSL certificate that does not verify the identity of the server. It works the same as a normal SSL certificate with one major difference. Standard SSL certificates are issued and verified by a trusted Certificate Authority (CA).
Standard Certificates
These certificates are verified by a third party to confirm your server is who it says it is. This will allow visitors to your server or website to successfully connect via an encrypted connection.
Self-Signed Certificates
On the other hand, a self signed certificate is not verified by a third party. Instead, your server issues its own SSL certificate so that it may serve encrypted HTTPS access to visitors.
There is no third party to verify whether or not you are connecting to a trusted server. This causes modern web browsers to show a warning, or SSL connection error when visiting these websites.
Normally SSL certificates not verified by a third party certificate authority are not trusted by your browser by default.
Let's see warnings on different browsers
When you trying to login to cPanel or WHM on your own VPS or Dedicated server over the SSL (Secure Socket Layer) protocol you may have seen a warning’s in different browser's similar to what is shown below.
Google Chrome
Internet Explorer
Safari
You should understand exactly what this warning means, what you should do when you see this and actions you can take to get around this.
What should You do when you see this error?
Every SSL certificate contains two parts:
1. Identity verification and 2. Encryption. Most browsers verify the identity of the site through a third-party service, such as Comodo. Though self-signed certificates are fully encrypted, they cannot be verified by third parties.
Even though your browser issues the warning, you may safely bypass this warning. This will allow you to connect to your service still utilizing an encrypted HTTPS connection. Most browsers will permit you to ignore the warning and these warning will vary based on what browser you are using.
When you should be cautious ?
Where you would typically take caution on these types of errors would be if you were accessing your bank or a credit card’s website, as that could be an indication your secure data isn’t properly going to the right server.
How to fix this warning?
If you don’t want bypass this warning then you should install a verified SSL certificate on your server hostname.
As per the requirements of your website, you may decide to either create a self-signed certificate or purchase an SSL certificate. Because a Trusted CA Signed SSL Certificate verifies the identity of the server and it is more secure.
Conclusion
For testing environment, you can use Self-Signed certificates but it leads to browser warnings. So, we recommend to order our trusted CA Signed SSL certificates for your websites.