Validate Server Certificate recommendation

Unanswered Question
Nov 5th, 2007

I understand that it is probably recommended from a security standpoint to ensure "validate server certificate" is checked on each client and that either a self-signed or Trusted CA (Verisign) certificate be employed.

Can someone give me an example of security risks when validation is not enabled?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
andrew.brazier@... Tue, 11/06/2007 - 08:16

You're vulnerable to man-in-the middle attacks as your clients aren't validating that the server is who it says it is.

Actions

This Discussion

 

 

Trending Topics - Security & Network