Questions about legacy apps/req.c code

Jordan Brown openssl at
Wed Dec 22 21:13:02 UTC 2021

On 12/22/2021 1:08 PM, Philip Prindeville wrote:
> I see there being limited application (utility) of self-signed certs, since they're pretty much useless from a security perspective, because they're unanchored in any root-of-trust.

They're OK once you take a leap of faith, check the fingerprint, or copy
the certificate out of band.

In some senses they are *better* than a CA-based cert, because once
established they are not vulnerable to CA compromise.

Jordan Brown, Oracle ZFS Storage Appliance, Oracle Solaris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the openssl-users mailing list