Q

Creating a personal digital certificate

In this SearchSecurity.com expert Q&A, identity management and access control pro Joel Dubin discusses the pros and cons associated with creating a personal digital certificate.

This Content Component encountered an error

I want to create a personal digital certificate for a company, instead of requesting it from a certificate authority. Is this advisable, and what steps should I follow?

The only reason to create a personal digital certificate for a company is to acquire internal access . Otherwise, it won't be recognized by outsiders, unless it's registered with a certificate authority (CA), which could be a problem. For example, your Web site might depend on SSL, which requires publicly available digital certificates.

Without the CA seal of approval, you'd have to distribute the digital certificate on your own. Since most browsers have a built-in list of publicly known CAs, your personal digital certificate won't be recognized on the Web.

CAs are approved by the registration authority (RA), a trusted third-party that issues and verifies digital certificates. Remember, a digital certificate is like a driver's license. It's universally recognized because it's issued by a reliable source, like how a license is issued by a department of motor vehicles.

That doesn't mean you shouldn't issue your own certificate. If you're in a large organization and want to use it internally, it might make sense. Internally generated digital certificates can be used to verify network access for employees in distant departments. The digital certificate can provide additional authentication for access to files or systems from someone in a far away department.

Issuing digital certificates on your own can be done through a public key infrastructure (PKI). PKI is a dedicated system, or cluster of servers, that handles the creation of public keys associated with digital certificates. The PKI system creates, maintains and revokes certificates as needed.

PKI systems can be complicated and costly, but if your organization is large enough and the demand is there, it's worth it.

For more information:

This was first published in June 2007

Dig deeper on PKI and Digital Certificates

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close