I would like to make a twitter web-application, but I don't want to spend money on a SSL-certificate. I don't need trust from users since I make it in the first instance for myself. So I want to make my own certificate . Is this a good idea ?
You could do that for purely personal testing and educational purposes. If you want a free SSL certificate that you can use on a public site, get one at <snip>
They are only valid for 90 days though. I would be careful about self-signing if it is in the public domain, not sure how you can say you build the trust first. The company I work for do low cost SSLs - <snip>
If you are only developing your application then there is nothing wrong with using a self signed certificate. When you want to launch your product then of course you will need a valid one.
Self sign certificate is not longer useful because Microsoft is going to banned cryptograph key less than 1024. Authorized news you can find at here. www.techrepublic.com/blog/security/microsoft-to-block-keys-less-than-1024-bits-in-august-software-update/8156. I think you have to go for valid certificate.
You can self sign a cert for 2048bit so that is not a problem.
Self signing during development would work fine.
you can get them for free? I thought you had to pay.
you can make your own, but they arent trusted by browsers.
you can also get others to generate free ones for you
ive yet to find a free one thats also trusted by browsers though
Yeah, from: https://www.startssl.com/ It's a real SSL Certificates that can be used for credit card processing. It's not a name brand thou.
Here's real check SSL Certificates: http://www.cheapssls.com
You can surely use a Self-Signed Certificate and it will offer the same level of protection as any other SSL Certificate would the only difference being that your browser wont recognize it and it will show a warning.