question about certificates

ladiesman217

is there a difference between a code signing certificate and the self signed certificate? what i know is self signed certificate is made and use in local intranets and a code signing certificate is use in the internet and issued by CA like verisign. pls someone englighten me. im so confuse.

blargoe

Two entirely different things.

All certificates, in general, are self-signed (the host generates its own certificate), or issued by a Certification Authority. In either case, the certificate may serve whatever purpose is needed by the host - SSL, digital signature, authentication, IPSec, code signing, or whatever. The distinction comes when you expect other hosts to trust the certificate. Typically other hosts aren't going to trust a certificate that are self-signed by a host, but they will trust certificates issued by a commercial certification authority.

A code signing certificate is used by software developers to verify the identity of the developer when they distribute their software. Generally, you wouldn't use a self-signed certificate for this.

ladiesman217

blargoe wrote:

Two entirely different things.

All certificates, in general, are self-signed (the host generates its own certificate), or issued by a Certification Authority. In either case, the certificate may serve whatever purpose is needed by the host - SSL, digital signature, authentication, IPSec, code signing, or whatever. The distinction comes when you expect other hosts to trust the certificate. Typically other hosts aren't going to trust a certificate that are self-signed by a host, but they will trust certificates issued by a commercial certification authority.

A code signing certificate is used by software developers to verify the identity of the developer when they distribute their software. Generally, you wouldn't use a self-signed certificate for this.

now its clear to me. thnks for the reply.