
Create your own self-signed certificates or be your own CA

There are two ways of creating the certificates that form the basis of a PKI-based encryption and/or trust solution. The traditional way is to either procure the certificates from a trusted third party or set up your own Certificate Authority (CA). The alternative is to use self-signed certificates. The processes for the two options are somewhat different, and each has its pluses and minuses.

Our solutions for encryption and trust support both processes.

Using a CA

CertAgent makes it possible to set up and manage your own CA in-house. It allows for the creation of an unlimited number of certificates and integrates with LDAP and Active Directory for the management of the issued certificates. This makes it possible to strictly control how encryption and signing are used in the organisation and to manage the issuing and revoking of certificates internally.

If an in-house CA is not an option, SecretAgent can accept any standard X.509 certificate from an external CA. Using an external CA, however, would require continuing interaction with the CA to issue new certificates and revoke old ones. It would also be necessary to establish strict rules on how the certificates should be obtained and managed. It is important to understand that an independent CA normally performs only a minimum of checks, and the issuing of a certificate is in no way a guarantee of identity.

Using self-signed certificates

It is possible to achieve a high level of confidence in the secure exchange of information by using a process that involves self-signed certificates. These certificates are generated by each individual using a standard function in SecretAgent. The public keys associated with the certificate are then exchanged between the parties that wish to set up a secure communication. These keys can be stored in a local certificate store or in LDAP/Active Directory. Once the keys are exchanged (and verified), it is possible to exchange information in a secure manner. This process mimics the security that most people already have in their day-to-day work, in that it relies on the two parties verifying each other's identity in a traditional manner. SecretAgent has standard functions to make the exchange of keys very straightforward and simple.
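The generate, exchange and verify steps described above, sketched with the OpenSSL command line as a stand-in for SecretAgent's own functions. This is an added example, not vendor code; the party name `alice`, the file paths and the helper function names are constructed for illustration.

```sh
#!/bin/sh
# Added example: constructed names and paths; OpenSSL stands in for the product.

# Create a key pair and a self-signed certificate for one party.
# $1 = common name, $2 = output directory.
# -nodes leaves the private key unencrypted; acceptable for a demo only.
make_self_signed() {
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 365 \
        -subj "/CN=$1" -keyout "$2/$1.key" -out "$2/$1.crt" 2>/dev/null
}

# SHA-256 fingerprint of a certificate: the value the owner confirms
# over a separate channel (phone, in person).
fingerprint() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

# Accept a received certificate only if
#   1. its signature verifies under its own public key (self-signed), and
#   2. its fingerprint equals the one obtained out of band.
# $1 = received certificate, $2 = fingerprint from the owner.
accept_cert() {
    openssl verify -CAfile "$1" "$1" >/dev/null 2>&1 || return 1
    [ "$(fingerprint "$1")" = "$2" ] || return 1
}

# Demo: a second certificate carrying the same name is rejected, because
# the subject name of a self-signed certificate proves nothing by itself.
demo() {
    dir=$(mktemp -d) && mkdir "$dir/real" "$dir/other" || return 1
    make_self_signed alice "$dir/real"
    make_self_signed alice "$dir/other"
    confirmed=$(fingerprint "$dir/real/alice.crt")
    for c in "$dir/real/alice.crt" "$dir/other/alice.crt"; do
        if accept_cert "$c" "$confirmed"; then echo "accepted: $c"
        else echo "rejected: $c"; fi
    done
    rm -rf "$dir"
}
demo
```

The fingerprint comparison is what carries the trust: without it, anyone can produce a certificate with the same subject name.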

tamtech's MailerID is a concept building on self-signed certificates. With a click of a button your email will be secured to the highest level available on the civilian market.

 
