Is a self signed cerificate secure from man in the middle once you have accepted it

certificate man-in-the-middle starttls

I have a mail server that has a self signed SSL certificate.

I use Thunderbird to access this server, and it asks me to accept this certificate.

So lets say I accept this in a semi secure location, for example on a local network. Then move on to an insecure net with my certificate accepted in Thunderbird email client.

Thunderbird is set to use STARTTLS to the email server.

Is it so that once this certificate is accepted, it is impossible to do a man in the middle attack. For somebody to make use of this public self signed SSL certificate they also need a private key that the mail server keeps?

The red flag is if Thunderbird one day suddenly wants me to accept a new certificate from the mail server.


You should strongly consider getting a free SSL Cert if you control the domain. There are a couple provides of free certs.

The "accepted" cert in Thunderbird pairs the hostname by which you referenced the server with the thumbprint of the certificate. So a MITM attack would be nigh impossible without solving the DL Problem. This assumes you picked a reasonable bit length (2048 or 4096 these days; though arguments could be made for 1024).

PKI Keys are only ever useful if you have both the private and public key. Yes, new warnings about certificate errors should always be reviewed with the utmost discernment.


Is it so that once this certificate is accepted, it is impossible to do a man in the middle attack. For somebody to make use of this public self signed SSL certificate they also need a private key that the mail server keeps?

That is correct. An attacker cannot fake being the remote server unless they have the private key that matches what the client is using.

Problems remaining include brute-forcing the certificate (basically not going to happen), stealing the private key from the server, or exploiting a software vulnerability (that would probably affect "real" certs exactly the same as self-signed certs).

For verification of a known certificate, a self-signed certificate that you are confident in when you accept it is as good as anything else. PKI / signing chains make distribution and revocation much simpler, but are not critical to maintaining the authentication of a key. They just help the simplicity and tracing. That matters in the public and with large companies. If you're just talking about your private mail server, I do the exact same thing with a self-signed certificate.

Related

How to add a extention to the php.ini file
Tools to automate windows server administration? Puppet? [closed]
Terminal server logs off users after 5 minutes
What are some shared-disk filesystems people have successfully used with iSCSI?
Recover NTFS data from a ZFS pool that was exposed as an iSCSI target
troubleshooting really slow login on a (linux) machine
My terminal shows an error of package.json not found while running yarn start command what should i do?
Execute function after connect to database
Dealing with a large gzipped file in Spark
How to parse PodSpec.spec.imagePullSecrets from a yaml file?
How do I add multiple data at once in Laravel?
ASP NET Core SignalR OnDisconnectedAsync not firing with hub [Authorized]