What is a self-signed SSL certificate?

What is a self-signed SSL certificate?

A self-signed SSL certificate does not use the chain of trust used by other SSL certificates and is most often used when a company wants to perform internal testing without the effort or expense of acquiring a standard SSL certificate.


Standard SSL certificates are issued and verified by a trusted Certificate Authority (CA). They are required to operate websites using the HTTPS protocol favored by most reputable eCommerce retailers. Such certificates employ a chain of trust, in which each certificate is signed and trusted by a more credible certificate. This chain extends all the way up to root-certificates, which can only be provided by a finite selection of Root CAs such as Comodo, GeoTrust, Verisign, and others.

Self-signed SSL certificates avoid this chain of trust as they are signed by the entity requesting the certificate rather than a CA. Unlike CA-issued certificate, self-signed certificates are free to acquire, but they are generally only used for internal testing.

Appropriate use

It is generally inadvisable to use a self-signed SSL certificate on any website accessible by the public. Most browsers will notify users that such a certificate cannot be verified (Figure 1), scaring most visitors away almost immediately.

Figure 1. Sample browser warning about a self-signed SSL certificate.

By its very nature, a self-signed certificate is easier to forge than a CA-issued certificate. Most professional, public domains should avoid such negative connotations and instead purchase a standard SSL certificate from a trusted CA.

Because they are free, self-signed SSL certificates see more use on internal test sites, when a company may advise employees to ignore the browser warnings. However, this still poses some risk because such a policy can encourage unsafe public browsing habits, which may then carry over to public browsing.

For 24-hour assistance any day of the year, contact our Support Team by email or through the Client Portal.

Article Rating (1 Votes)
Rate this article
  • Icon PDFExport to PDF
  • Icon MS-WordExport to MS Word
Attachments Attachments
There are no attachments for this article.
Related Articles RSS Feed
How to purchase SSL certificates from your Client Portal
Added on Thu, Sep 13, 2018
How to purchase standard SSL certificates
Added on Fri, Sep 14, 2018
How to renew your SSL certificate
Added on Mon, Feb 23, 2015
How to rekey your SSL certificate
Added on Wed, Aug 15, 2018
What is a chain of SSL certificates?
Added on Tue, Feb 24, 2015
What are the benefits of dedicated IP addresses?
Added on Tue, Jan 29, 2019
What is an extended validation (EV) multi-domain SSL certificate?
Added on Thu, Feb 5, 2015
How to install SSL certificates in Nexcess Cloud
Added on Thu, Sep 13, 2018
How to generate a CSR
Added on Tue, Dec 30, 2014
How to resolve the SSL warning when logging in to SiteWorx
Added on Wed, Mar 11, 2015