How to trust my own self-signed SSL cert?

security web-server ssl ssl-certificate openssl

I have a domain that I want to have webmail on, and I want it to be secure. I'm the only one who uses this site, yet I still want it to be secure.

I can't afford, and I don't think it makes sense to pay a CA to sign my cert.

I have SSL working at the moment with my self signed cert...but I want to know if it is enough.

If someone generates a self signed cert with the same info as my certificate, is there any way I can tell, short of memorizing the serial number or something?


Solution 1:

If you create your own certificate, generated from your own Certificate Authority, you can configure your browser of choice to trust that CA. That way it will trust the certificate you created from that CA. A random person creating a certificate with identical information to yours should cause your browser to throw SSL validation failure errors, since that certificate would not be signed by a CA you trust.

Solution 2:

If you are the only one to use the domain, then a self-signed certificate is sufficient. Creating your own certificate means generating your own CA private key. As long as you can keep this private key secure, you then don't have to worry about anyone forging certificates. Without this private key it's impossible for anyone to generate a certificate with the same public key, and you will be able to tell by comparing the public keys.

Related

Formalizing an idea [closed]
Hartshorne Exercise II. 3.19 (c)
Why are monotone functions Riemann integrable on a closed interval?
Subtracting two dates
Solve $\int_{0}^{\pi/2} \arccos\left( \frac{\cos(x)}{1+2\cos(x)} \right) \mathrm dx$ [closed]
understanding the commutator of dihedral group [duplicate]
How many continuous function $f(x)$ exist such that $\int_{0}^{1}f(x)\big(1-f(x)\big)\mathrm dx = \frac{1}{4}$? [closed]
Norm of a fractional ideal of an order of an algebraic number field
Theorem $2$ (Variational principle for the principal eigenvalue)
Automorphisms of a Cyclic Group
simple tools to extract Re,Im,Abs... of any complex function
$A \longrightarrow \text{Im} f$ is an epimorphism and a cokernel of ker $f \longrightarrow A$ in every abelian category