How to validate self-signed certification

南楼画角 submitted on 2019-12-06 03:49:11

Imagine if the certificate were not self-signed - it is signed by a trusted certificate authority. The reason it works is because your client device - Windows, Mac, Linux, iPhone, Android device - already has the certificates of all the well-known certificate authorities. The operating system does the work for you when you make the connection. It ensures that the certificate sent to the client during the connection is signed by a well-known certificate authority. The only reason this works though is because the client already has the certificates for all the well-known certificate authorities.

If you choose to use a self-signed certificate - or a certificate signed by a self-signed certificate authority - you have to do the work, instead of the operating system. However - the task is basically the same - you need to verify that the certificate sent to the client during the connection matches what is expected. And you will need to use the same strategy that signed certificates use - your client has to have the expected certificate (or certificate chain) pre-installed.

Somehow, some way you need to ensure that your client already has the self-signed certificate. Specifically all the public information in the certificate. The client will not have the private key - since that is ... private. Then you can add code to your app to verify that the hash of the certificate sent during the connection matches the hash of the certificate that was pre-installed.

I noticed you have asked a similar question before and you may know all this already. Here is one additional point:

As long as you keep the private key of your self-signed certificate absolutely secure, there is no way anyone can fake your self signed certificate. It just cannot be done. If someone tries, they will have to generate a new private key which won't match yours - because they do not know your private key because you kept it secure.

Then everything breaks down. If they have a different private key, they will need a different public key. This means they will have a different certificate hash. And your app already knows the correct public key and hash (as described above), so when they try to come in with their bad public key and hash your app will reject the connection. This is the part that you have to do in your application.

If they attempt to use your public key and hash but with a different private key, SSL will not allow them to make the connection.

Why not just use a cheap certificate that is Trusted?
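
The hash comparison described in the first answer above, as an added example that is not part of the original posts: a Python client that compares the SHA-256 of the certificate presented in the TLS handshake with a pre-installed fingerprint before any application data is exchanged. The names `open_pinned`, `check_pin`, `fingerprint` and `PinMismatch` are hypothetical, and Python is an assumption since the posts name no language.

```python
import hashlib
import socket
import ssl


class PinMismatch(Exception):
    """Server presented a certificate other than the pre-installed one."""


def fingerprint(der: bytes) -> str:
    # SHA-256 over the DER encoding of the whole certificate, lowercase hex.
    return hashlib.sha256(der).hexdigest()


def check_pin(presented_der, pinned: str) -> str:
    # Accept plain hex or the colon-separated hex that
    # `openssl x509 -noout -fingerprint -sha256` prints after the '='.
    expected = pinned.replace(":", "").strip().lower()
    if not presented_der:
        raise PinMismatch("server sent no certificate")
    actual = fingerprint(presented_der)
    if actual != expected:
        raise PinMismatch(f"expected {expected}, got {actual}")
    return actual


def open_pinned(host: str, port: int, pinned: str, timeout: float = 10.0):
    # CA and hostname checks are off because a self-signed certificate chains
    # to nothing in the OS trust store; the pin is the only trust decision.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    raw = socket.create_connection((host, port), timeout=timeout)
    try:
        # The handshake itself proves the server holds the private key.
        tls = ctx.wrap_socket(raw, server_hostname=host)
    except Exception:
        raw.close()
        raise
    try:
        # Compare before any application data is sent or read.
        check_pin(tls.getpeercert(binary_form=True), pinned)
    except PinMismatch:
        tls.close()
        raise
    return tls
```

Ship the fingerprint (or the certificate itself) inside the client, and plan for rotation: a client that knows only one pin stops connecting the day the server certificate is replaced.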
