Types of SSL/TLS Certificates Explained

Types of SSL/TLS Certificates Explained – Beginners Guide

  • Last Updated On: November 23, 2018

In this guide, we have explained the different types of SSL/TLS certificates with its use cases.

Terms Used:

  1. CA – Certificate Authority
  2. Root CA – Root Certificate Authority Certificate (Public)
  3. SSL – Secure Socket Layer
  4. TLS – Transport Layer Security

Types of SSL/TLS Certificates

There are three types of SSL Certificates.

  1. Self Signed SSL
  2. SSL from Trusted Certificate Authorities
  3. SSL signed by own Certificate Authority

Let’s have a look at each type and its use cases.

Self Signed Certificate

Self-signed certificates are generated without a Certificate Authority. Whenever you try to access the website or service which uses the self-signed certificate it will always throw a browser warning saying that your connection is not secure. Also, it doesn’t have an expiry date.

Use Case: Normally used for development purposes. It will not be used for any production environments.

Certificates Signed By Trusted CA

There are Certificate Authorities trusted by all web browsers. Normally these are paid services (Symantec, Comodo, DigiCert etc).

In this model,  the CA vendor will do validations to make sure the requested party owns the domain for which the SSL is requested for.

When you access a website which uses an SSL certificate signed by a trusted CA, you will not see the warning sign as the browser trust these Certificate Authorities by default.

Letsencrypt is a free open source trusted CA.

Use Case: Used on all public (Internet) facing applications. All the banking, ecommerce, organisations use a valid certificate signed by a trusted CA authority. The root CA certificate will be present on all the browsers by default if it is a trusted CA authority.

Certificates Signed By Your Own CA

You can create your own CA certificate and use it to sign the SSL certificates. It is normally used within an organisations network or authentication between specific services which is limited to the organisation network. In this model, the root CA cert will be installed on all the clients/servers which use SSL for authentication.

Use Case: Used applications internal to organisations. In this case, the organisation will provide the root CA to everyone who wants to access the internal application over SSL. They have to install the root CA manually in their respective browsers. Once added, they will not see the warning message when they access the services over SSL.

Read Next: How To Create CA and Generate SSL/TLS Certificates & Keys

0 Shares
Picture of Scriptcrunch Editorial

Scriptcrunch Editorial

ScriptCrunch is your go-to website for all things DevOps. We specialize in helping engineers master Kubernetes and other essential DevOps tools. Our main goal is to provide easy-to-follow tutorials and valuable resources, with a special focus on the Cloud Native Computing Foundation (CNCF). Additionally, we offer insights into Linux Foundation Training and its various initiatives.

Other Interesting Blogs

Leave a Comment

scriptcrunch

Top Resources

Scripting

  • Python

Information

Email Newsletter

Share via
Facebook
X (Twitter)
LinkedIn
Mix
Pinterest
Tumblr
Skype
Buffer
Pocket
VKontakte
Parler
Xing
Reddit
Line
Flipboard
MySpace
Delicious
Amazon
Digg
Evernote
Blogger
LiveJournal
Baidu
MeWe
NewsVine
Yummly
Yahoo
WhatsApp
Viber
SMS
Telegram
Facebook Messenger
Like
Email
Print
Copy Link
Powered by Social Snap
Copy link
CopyCopied
Powered by Social Snap