Question
I am getting my hands dirty with https, ssl, PKI stuff. And there is one thing that I dont quite understand with self signed certificates. Say I want to create a self-signed certificate and send it over to my friend whenever we want to establish a secure connection.
So the steps are:
So when my friend gets my certificate he has to verify that the certificate he gets is mine, he needs to decrypt digital signature. But in order to decrypt it and verify he has to have my private key. So, I am a bit confused here.
Solution
You've got things reversed. You sign with your private key that only you have.
You include your public key with the signature so the recipient can "verify" that the signature was calculated correctly.
But a self-signed certificate gives no assurance of the sender's identity since there is no way to independently verify that the signed data/document came from the supposed signer.
https://stackoverflow.com/questions/21817895
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian