S
S
slava kk2019-01-22 08:45:20
Computer networks
slava kk, 2019-01-22 08:45:20

How to create your own ssl CA and make ALL browsers trust it?

There are certification authorities like comodo, digicert, lets encrypt, etc. How to create your own CA so that all browsers trust it, like comodo?

Answer the question

In order to leave comments, you need to log in

4 answer(s)
R
Rsa97, 2019-01-22
@Rsa97

If you need a global CA, then start with, for example, Mozilla's requirements for root centers.
But it is very expensive. You will have to find a room with bank vault level protection, deploy a secure system, certify all this, guarantee compensation for damage in case of compromise of certificates through your fault, etc.

C
CityCat4, 2019-01-22
@CityCat4

If there is a lot - (a lot) of money - it's easy. Write to the main browser manufacturers - here, I'm Ivan Petrov, I want to be the root CA. Give me your requirements, there is money for everything :)
You are given requirements, you fulfill them.
PROFIT!
PS: I hope you already understood that it was just a banter. For an ordinary person and even for an ordinary organization, it is unrealistic to get into the lists of trusted CAs in browsers. From the word at all.

Y
Yuri Samoilov, 2019-01-22
@takezi

Add your CA's certificate to the operating system's trusted root certificates that are distributed with operating systems. Those. you need to send the public key of your root certificate for inclusion in the list of trusted companies Mozilla, Microsoft, Google and Apple.
Inclusion of your certificate in the list of trusted is theoretically possible only if you are trusted (you represent a well-known company with an impeccable reputation).

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question