Start Exploring Keyword Ideas

Use Serpstat to find the best keywords for your website

How-to 6 min read September 20, 2019

What are self-signed SSL certificates and their disadvantages

A self-signed SSL certificate does not provide sufficient protection to the data sent by a browser to the server. Unlike the certificates issued by reliable certification authorities, the identity of a self-signed SSL is verified by its owner.

What is a self-signed SSL certificate?

Technically, this certificate functions the same as the authorized variants. What makes it different is the signature which verifies its identity.

Self-signed variants are mostly used for sites and applications under testing. They can also be applied to smaller websites that do not contain any valuable data under the possible risk of attack. Resources that have high traffiс or collect personal user data should be identified strictly by reliable certificates.

You can create unlimited self-signed certificate versions. However, site visitors will always receive warnings of this kind:
Problem with this website's security certificate
Such messages repel users. Most of the potential visitors will choose to stay away from unreliable sites that will result in significant traffic decrease.

The conclusion is evident: to attract visitors, you should apply only reliable certificates signed by popular authorized centers. Their root certificates are included in any browser that signals users about encryption security.

Types of self-signed SSL certificates

Self-signed certificates can be created manually using special programs and libraries. For example, there is Windows-supported software like OpenSSL software bank or PowerShell console. These tools allow generating SSL certificates, creating open and private keys.

Setting up a self-signed SSL certificate with OpenSSL imposes using the following commands:

out /home/devuser/cert/cert.crt — certificate location;
newkey rsa:2048 — automatic key development in case you do not have any;
req-x509 — self-signed certificate generating request;
keyout /home/devuser/cert/mykey.key — key generating request.

Having entered the password, you need to type in the description of your server. If you want to leave certain parameters blank - put a point mark «.» at the end of the command string:
How to create SSL certificate via OpenSSL
In your browser, you may specify that the implied certificate is secure. Thus, you will avoid popping up of the "insecure connection" message on your device. Still, other users will keep on receiving this message.

Creating a self-signed certificate with PowerShell utility for Windows requires entering the following command:
New-SelfSignedCertificate -DnsName localhost -CertStoreLocation cert:\LocalMachine\My
This serves as a request for a self-signed certificate which then should be included in the folder containing reliable certificates. It will prevent the browser from reporting an encryption error.

This is how a self-signed certificate looks in Nginx server:
SSL certificate on Nginx server
cert.crt stands for an open key, and cert.key means a private key.

In Apache server, self-signed certificate appears in the following way:
SSL certificate on Apache server stands for the domain where you intend to apply the generated certificate.

Pros and cons of self-signed SSL certificates


Opportunity for unlimited certificate generation.
No payment required for the signature.
Quick initiation. No need to pend the response of the certification center.


User personal data set at risk.
Permanent "unknown publisher" warning.
Data security is not guaranteed.
Lack of user trust resulted from the absence of a certification center signature.
Possible errors in the certificate appearance and displaying in case it failed to be generated correctly.
Reliable centers issue various certificate variants that differ in price. Basic certificates verify domain name identity. More expensive ones are submitted upon the profound inspection of company data received directly from applicants to the extent of contact information and documentation.

The green badge with centre logo will appear on your site when the identification is successfully completed. This factor remarkably encourages user trust.


Self-signed and trusted certificates possess identical technical characteristics. A self-signed SSL certificate executes encryption of the data that passes from your browser to the server.

However, this data is at risk of attack by third parties and cannot be recalled. Besides, web resources protected by self-signed certificates will keep on reporting an insecure connection which will negatively influence the traffic of the site.

The use of self-signed certificates is acceptable for tested resources and minor companies' websites provided that the staff is informed about the insecure connection matter. Commercial resources with high traffic should be identified only by reliable certification centers.

You can receive a free-of-charge certificate with a subscription that will function until you are ready to purchase the paid version. Read more about free certificates.
This article is a part of Serpstat's "Site Audit" tool
SEO Audit in Serpstat" title = "What are self-signed SSL certificates and their disadvantages 16261788339714" />
Audit all the site or page in one click. A complete list of errors, sorted by severity, ways to resolve them and recommendations. Any frequency of verification and automatic email reports.
Run Site Audit

Speed up your search marketing growth with Serpstat!

Keyword and backlink opportunities, competitors' online strategy, daily rankings and SEO-related issues.

A pack of tools for reducing your time on SEO tasks.

Get free 7-day trial

Rate the article on a five-point scale

The article has already been rated by 0 people on average out of 5
Found an error? Select it and press Ctrl + Enter to tell us

Discover More SEO Tools

Tools for Keywords

Keywords Research Tools – uncover untapped potential in your niche

Serpstat Features

SERP SEO Tool – the ultimate solution for website optimization

Keyword Difficulty Tool

Stay ahead of the competition and dominate your niche with our keywords difficulty tool

Check Page for SEO

On-page SEO checker – identify technical issues, optimize and drive more traffic to your website

Share this article with your friends

Are you sure?

Introducing Serpstat

Find out about the main features of the service in a convenient way for you!

Please send a request, and our specialist will offer you education options: a personal demonstration, a trial period, or materials for self-study and increasing expertise — everything for a comfortable start to work with Serpstat.




We are glad of your comment
I agree to Serpstat`s Privacy Policy.

Thank you, we have saved your new mailing settings.

Report a bug

Open support chat
mail pocket flipboard Messenger telegramm