I want to create a personal digital certificate for a company, instead of requesting it from a certificate authority. Is this advisable, and what steps should I follow?
The only reason to create a personal digital certificate for a company is to acquire internal access . Otherwise, it won't be recognized by outsiders, unless it's registered with a certificate authority (CA), which could be a problem. For example, your Web site might depend on SSL, which requires publicly available digital certificates.
Without the CA seal of approval, you'd have to distribute the digital certificate on your own. Since most browsers have a built-in list of publicly known CAs, your personal digital certificate won't be recognized on the Web.
CAs are approved by the registration authority (RA), a trusted third-party that issues and verifies digital certificates. Remember, a digital certificate is like a driver's license. It's universally recognized because it's issued by a reliable source, like how a license is issued by a department of motor vehicles.
That doesn't mean you shouldn't issue your own certificate. If you're in a large organization and want to use it internally, it might make sense. Internally generated digital certificates can be used to verify network access for employees in distant departments. The digital certificate can provide additional authentication for access to files or systems from someone in a far away department.
Issuing digital certificates on your own can be done through a public key infrastructure (PKI). PKI is a dedicated system, or cluster of servers, that handles the creation of public keys associated with digital certificates. The PKI system creates, maintains and revokes certificates as needed.
PKI systems can be complicated and costly, but if your organization is large enough and the demand is there, it's worth it.
For more information:
Dig Deeper on PKI and digital certificates
Related Q&A from Joel Dubin
Learn about the purpose of CAPTCHA challenges that enable websites to differentiate bots from authentic users to stop spammers from hijacking forums ... Continue Reading
Proper planning is at the top of the list for single sign-on best practices, but it's important to get enterprise SSO implementations off to a good ... Continue Reading
After a server room door has been compromised, finding a more secure solution is of utmost importance. Learn how to choose a server room door that ... Continue Reading