Question
What is the main difference between a Certificate Authority (CA-signed) certificate and an Everbridge-signed (self-signed) certificate for SSO?
What are the risks associated with using the five-year Everbridge-signed SSO certificate instead of the one-year CA-signed certificate?
Answer
Differences:
The primary difference between the two types of certificates lies in their usage and security considerations:
- Certificate Authority (CA-signed) Certificate:
  - Validity Period: One year
  - Usage: Typically used with Identity Providers (IdPs) that require the certificate to be imported for authentication.
  - Security: Considered slightly stronger and more secure due to the shorter validity period and the external validation by a trusted Certificate Authority.
- Everbridge-Signed (Self-signed) Certificate:
  - Validity Period: Five years
  - Usage: Generally used with IdPs that do not require the certificate to be imported for authentication.
  - Security: While it has a longer validity period, it is self-signed and may not be as secure as a CA-signed certificate.
Risks:
There are no significant risks associated with using the five-year Everbridge-signed certificate over the one-year CA-signed certificate. However, the one-year CA-signed certificate is considered slightly more secure due to its shorter validity period and external validation.
For more detailed steps on updating the Everbridge Single Sign-On (SSO) Certificate, refer to knowledge article EBS: Updating the Everbridge Single Sign-On (SSO) Certificate.