• AwesomeLowlander@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    5
    ·
    6 days ago

    Certificates are to protect against MitM attacks, not prevent your site from getting hacked. You need to secure everything, this is one aspect of it

      • Gremour@lemmy.world
        link
        fedilink
        English
        arrow-up
        4
        ·
        6 days ago

        You can make your own cert. To make sure your cert belongs to you (your site) it is signed by authority and the client then may verify that authority (which cetificate is preinstalled in their system) in fact had verified ownership of your site and then signed your cert claims with their private key.