Trusted and untrusted certificates
SSL/TLS certificates can be divided into trusted and untrusted, based on the issuing certification authority. A certificate from a trusted certification authority matters because it works in users' browsers without any error and provides an incomparably higher level of trust and authentication.
The difference between a trusted and an untrusted SSL/TLS certificate
An untrusted certificate
An untrusted SSL/TLS certificate is recognizable by what happens when a visitor opens a site whose data transmission is encrypted with it: the browser automatically displays a notification that the certificate was not issued by a verified and trusted certification authority and asks whether the visitor still wishes to use the certificate.
Untrusted certificates are used, for example, for system purposes such as RDP (Remote Desktop Protocol). A certificate issued by the system or the user itself is called a self-signed certificate. Such certificates can also be used, for example, on an IIS server, but with the trust error described above.
A trusted certificate
A trusted SSL/TLS certificate is issued by a trusted certification authority such as DigiCert, Thawte or GeoTrust, and using it does not disturb the visitor because no error is displayed. This is typically a 2048-bit certificate, which is automatically recognized by 99.3% of browsers on PC and mobile devices.
The browser's trust is guaranteed by the so-called chain of trust: your certificate is issued indirectly by the root certificate of the certification authority, which is present in the system. This trust connection is mediated by intermediate certificates, of which there can be several.
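The chain of trust and the self-signed case described above can be reproduced locally with the openssl command-line tool. This is an added example, not part of the original article: the CA names, host names and file names are constructed, and the demo root stands in for a root certificate already present in the system.

```shell
#!/usr/bin/env bash
# Constructed demo PKI: every CA name, host name and file below is made up.
W=$(mktemp -d)
cat > "$W/demo.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[v3_leaf]
basicConstraints = CA:FALSE
EOF

# self_sign NAME CN EXT: certificate signed with its own 2048-bit RSA key
self_sign() {
  openssl req -config "$W/demo.cnf" -x509 -newkey rsa:2048 -nodes -days 30 \
    -subj "/CN=$2" -extensions "$3" -keyout "$W/$1.key" -out "$W/$1.pem" 2>/dev/null
}
# issue NAME CN ISSUER EXT: new key and request, certificate signed by ISSUER
issue() {
  openssl req -config "$W/demo.cnf" -new -newkey rsa:2048 -nodes \
    -subj "/CN=$2" -keyout "$W/$1.key" -out "$W/$1.csr" 2>/dev/null &&
  openssl x509 -req -in "$W/$1.csr" -CA "$W/$3.pem" -CAkey "$W/$3.key" \
    -CAcreateserial -extfile "$W/demo.cnf" -extensions "$4" -days 30 \
    -out "$W/$1.pem" 2>/dev/null
}
# verify_chain LEAF [INTERMEDIATE]: trust only the demo root, as a browser
# trusts only the roots in its store; intermediates are supplied as untrusted.
verify_chain() {
  if [ -n "${2:-}" ]; then
    openssl verify -CAfile "$W/root.pem" -untrusted "$W/$2.pem" "$W/$1.pem" 2>&1
  else
    openssl verify -CAfile "$W/root.pem" "$W/$1.pem" 2>&1
  fi
}

self_sign root "Demo Root CA" v3_ca            # stands in for a root in the system store
issue int "Demo Intermediate CA" root v3_ca    # intermediate issued by the root
issue leaf "www.example.test" int v3_leaf      # site certificate issued by the intermediate
self_sign selfsigned "rdp-host.example.test" v3_leaf   # self-signed, as in the RDP case

verify_chain leaf int   || echo "unexpected: full chain rejected"
verify_chain leaf       || echo "rejected: intermediate certificate missing"
verify_chain selfsigned || echo "rejected: self-signed, no path to the trusted root"
```

The second call shows why a server has to send its intermediate certificates along with its own: without them the verifier cannot link the site certificate to the root it trusts.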