Skip to main content

What is a Digital Certificate?

Dana Anderson
  • Updated

Understanding Server Certificates:

A server certificate plays a crucial role in digital communication by verifying the identity of a user or server sending a message. Its primary functions are to confirm the authenticity of the sender and enable the recipient to encode a secure reply.

There are generally two approaches to obtaining a digital certificate along with its private key:

  1. Self-Signed Certificate:

    • Generate your own certificate using the Cerberus FTP Server Getting Started Wizard or the Generate CSR tool in Cerberus (Server Manager>Security). This method is suitable if your goal is to ensure secure encryption for client and server connections. It's a convenient and cost-free option.

  2. Certificate from a Recognized Authority:

    • Obtain a certificate from a recognized Certificate Authority (CA) like Comodo, Thawte, Verisign, or others. This option is necessary if you want clients to verify the legitimacy of the server without encountering warning messages about being "unable to verify the server." It involves reaching out to a trusted CA and requesting a server certificate for a specified cost.

Choosing the Right Option: The choice between a self-signed certificate and one from a recognized Certificate Authority depends on your specific goals. If your aim is to ensure secure encryption for connections, a self-signed certificate is sufficient and easily created through Cerberus, with no associated costs.

Using a Self-Signed Certificate: Yes, you can use a self-signed certificate, especially if Cerberus FTP Server operates exclusively within your private network or for testing purposes before deployment on the internet. By default, the Cerberus Getting Started Wizard will create and install a self-signed certificate when first run the software. However, keep in mind that users won't be able to easily verify your server's identity. If you try to access the web client via a browser using a self-signed certificate, the URL field will indicate that the site is not secure and additional clicks may be necessary to reach the login page:

web_client_insecure_message.gif

You can always transition to a certificate signed by a recognized Certificate Authority later on if needed.

 
 
 
 

Related articles

Comments

0 comments

Please sign in to leave a comment.