is a self signed certificate always invalid the first time?

Michael Felt michael at felt.demon.nl
Fri Aug 11 12:36:35 EEST 2017 

I have looked at let's encrypt. Key issue for me is having to add a lot 
python stuff that would otherwise not be on any server.

Again,  All CA's like "Let's Encrypt" - and others that are accepted by 
the "majors", e.g., Windows, Mozilla make it much easier for the 
"random" user to use anything you protect with SSL (better TLS) without 
them having to grant "trust" manually. That "trust" is indicated because 
the CA that signed your certificate is recognized by a CA, that is 
recognized by CA, that is recognized by a CA in the "root-trust" list 
that the "majors" make available (e.g., the mozilla list available via 
the curl site (https://curl.haxx.se/docs/caextract.html)).

Now - back to Ralph's comment:


On 8/10/2017 1:42 PM, Ralph Seichter wrote:
> I have been running a CA for 15+ years, generating certificates only for
> servers I personally maintain. Since my business is too small to be able
> to afford all the steps required to have my CA trusted by Mozilla, Apple
> etc., this approach leaves me with the same problem self-signed certs
> have: How can I make third party applications like web browsers or MUAs
> trust the certs I created?
Rather than make the mistake I did years ago by make "unique" 
self-signed certificates for different servers - start out with a 
self-signed certificate that you use as a signing certificate. This is 
what Ralph means when he says "have been running a CA for 15+ years" - 
not that he is (though he could!) sell certificates commercially - 
rather, he is using an initial certificate to sign later certificates 
with. So, his "users" only need to add the public side of his signing 
certificate - and any certificate he has signed meets the "chain of trust".

So, if your users are "random", i.e., can come from anywhere - you may 
want a "major accepted/recognized" certificate authority so that you do 
not have to distribute your signing key. However, if your user pool is 
"select", or otherwise known - requiring them to use your "self-signed" 
CA may be a positive, rather than a negative.

Again, technically, there is no difference in a self-signed 2048-bit RSA 
key, and one signed by a "major" CA. However, in the "ease of use" there 
may be major differences.

And, Ralph, I salute you. I have never been able to be disciplined 
enough to be my own CA. :)

More information about the dovecot mailing list