A self-signed certificate is a certificate that is signed by the person creating it rather than by a trusted certificate authority (CA). A certificate can only properly verify the identity of the server when it is signed by a trusted CA, because any attacker can create a self-signed certificate. Because of this, you will never want to use a self-signed certificate on a server that requires users to connect to your site via the internet.

A self-signed certificate is appropriate if you plan to deploy a personal site on your own computer, or an intranet-only site where users must go through a local intranet to get to the server.
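
To check which HTTPS bindings on an IIS server actually use a self-signed certificate, the PowerShell script below is an added example, not part of the original page. It assumes the WebAdministration module is installed and an elevated session, and it treats a certificate whose subject equals its issuer as self-signed, which is a name comparison rather than a signature check.

```powershell
# Added example: list IIS HTTPS bindings and flag self-issued certificates.
# Run in an elevated Windows PowerShell session on the IIS server.
Import-Module WebAdministration

function Test-SelfIssued {
    param(
        [Parameter(Mandatory)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert
    )
    # Heuristic: subject and issuer names are identical. This matches
    # self-signed server certificates; it does not verify the signature.
    return $Cert.Subject -eq $Cert.Issuer
}

Get-ChildItem IIS:\SslBindings | ForEach-Object {
    $binding = $_
    # Each binding records the certificate store name and the thumbprint.
    $path = "Cert:\LocalMachine\$($binding.Store)\$($binding.Thumbprint)"
    $cert = Get-Item -Path $path -ErrorAction SilentlyContinue

    if (-not $cert) {
        Write-Warning "No certificate found at $path (port $($binding.Port))"
        return   # inside ForEach-Object this skips to the next binding
    }

    [pscustomobject]@{
        IPAddress  = $binding.IPAddress
        Port       = $binding.Port
        Subject    = $cert.Subject
        Issuer     = $cert.Issuer
        NotAfter   = $cert.NotAfter
        SelfIssued = Test-SelfIssued -Cert $cert
    }
} | Sort-Object SelfIssued -Descending | Format-Table -AutoSize
```

Any row with `SelfIssued` set to `True` on a binding that is reachable from the internet should be replaced with a certificate issued by a trusted CA.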


You can create a self-signed certificate via the Server Certificates feature in IIS.


Keep in mind that intranet users will see a warning in their browsers (like the one for Chrome below) when connecting to a server that uses a self-signed certificate.