Whether the certificates are "good" or not depends on your usage of them. As far as securing your own communications, yes they are good(If properly created with a decent key etc.). The Microsoft, Verisign, Thawte, etc... certificates are for the general public's peace of mind. They are normally used on commercial websites or publicly distributed software. The reason these commercial certificate companies are important although their certificates are functionally the same as yours, is they are established as trusted companies by the software community at large. They are known to verify the people that they distribute signed certificates to as being who they say they are.
If you have a certificate from some no name certificate authority ( http://www.theregister.co.uk/content/30/25547.html :) ) instead of a well known one like Verisign that says it is for Microsoft corporation, it will work for securing your code. But it does not mean that the company is actually Microsoft. But if you have a certificate from Verisign saying it was signed for Microsoft, then you can feel fairly confident that you aren't being misled by whoever is using the certificate. The issue is Trust. You have to believe that whoever is issuing the certificate is verifying who they sign it for. And they charge enough money for their seal of approval also. :/ -----Original Message----- From: Shalendra Chhabra [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 04, 2002 9:01 AM To: [EMAIL PROTECTED] Subject: Errors I need some help 1. I am able to generate Certificate and Private Key using command line options in Openssl. can someone tell me are they considered good? and if they are good why do we need Certificates from companies like Microsoft, Verisign??????????? ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]