EBS: What Are the Differences and Risks Between a CA-Signed SSO Certificate and an Everbridge-Signed SSO Certificate?

Question

What is the main difference between a Certificate Authority-signed (CA-signed) certificate and an Everbridge-signed (self-signed) certificate for SSO?

What are the risks associated with using the five-year Everbridge-signed SSO certificate instead of the one-year CA-signed certificate?

Answer

Differences:

The primary difference between the two types of certificates lies in their usage and security considerations:

  • Certificate Authority-Signed (CA-signed) Certificate:
    • Validity Period: One year
    • Usage: Typically used with Identity Providers (IdPs) that require the certificate to be imported for authentication.
    • Security: Considered slightly more secure because of the shorter validity period and the external validation by a trusted Certificate Authority.
  • Everbridge-Signed (Self-signed) Certificate:
    • Validity Period: Five years
    • Usage: Generally used with IdPs that do not require the certificate to be imported for authentication.
    • Security: While it has a longer validity period, it is self-signed and may not be as secure as a CA-signed certificate.

Risks:

There are no significant risks associated with using the five-year Everbridge-signed certificate over the one-year CA-signed certificate. However, the one-year CA-signed certificate is considered slightly more secure due to its shorter validity period and external validation.
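The two properties compared above, who signed the certificate and how long it remains valid, can be read from the certificate file itself. The script below is an added example, not Everbridge tooling; the file names, the example.test subject and the 30-day renewal window are assumptions.

```shell
#!/bin/sh
# Added example: classify an SSO signing certificate and check its renewal window.

# Print the subject or issuer DN on one line. $1 = PEM file, $2 = subject|issuer
cert_field() {
    openssl x509 -in "$1" -noout -nameopt RFC2253 "-$2" | sed "s/^$2= *//"
}

# Succeeds when subject and issuer are identical (self-issued). This compares
# names only; it does not verify the signature.
cert_is_self_signed() {
    [ "$(cert_field "$1" subject)" = "$(cert_field "$1" issuer)" ]
}

# Succeeds when the certificate expires within $2 days (default 30, an assumption).
cert_expires_within() {
    [ -r "$1" ] || return 2
    ! openssl x509 -in "$1" -noout -checkend $(( ${2:-30} * 86400 )) >/dev/null
}

# One-line report: kind, issuer, expiry date, renewal status.
audit_sso_cert() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    if cert_is_self_signed "$1"; then kind="self-signed"; else kind="CA-issued"; fi
    if cert_expires_within "$1" "${2:-30}"; then due="renew now"; else due="ok"; fi
    printf '%s: %s, issuer=%s, notAfter=%s, %s\n' "$1" "$kind" \
        "$(cert_field "$1" issuer)" \
        "$(openssl x509 -in "$1" -noout -enddate | cut -d= -f2)" "$due"
}

# Constructed sample: throwaway self-signed certificate valid for $2 days.
# The key is written to "$1.key" and the subject is a placeholder name.
make_sample_cert() {
    openssl req -x509 -newkey rsa:2048 -nodes -days "$2" \
        -subj "/CN=sso-sp.example.test" -keyout "$1.key" -out "$1" 2>/dev/null
}

# Demo on a constructed five-year certificate (1825 days).
demo_dir=$(mktemp -d)
make_sample_cert "$demo_dir/sp-signing.pem" 1825
audit_sso_cert "$demo_dir/sp-signing.pem" 30
```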

For more detailed steps on updating the Everbridge Single Sign-On (SSO) Certificate, refer to knowledge article EBS: Updating the Everbridge Single Sign-On (SSO) Certificate.
