I'm exploring ways to enhance security for my SAML Single Sign-On setup. Typically, these configurations use self-signed certificates, but I've heard that using certificates from a Certificate Authority (CA) can help avoid man-in-the-middle attacks. Is it feasible to set up SAML SSO with a CA-issued certificate? Also, is it a requirement to do so, or is self-signed still considered safe in this context?
2 Answers
It's all about certificate validation! As long as your cert is being validated correctly, it doesn’t need to be signed by a public CA to keep things secure.
Yeah, using your own certs might be a cost-saving measure. It reminds me of some features you get with Azure Key Vault.
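An added example (not part of either answer) of the validation the first answer refers to: the service provider pins the IdP signing certificate it received in metadata and accepts only a response whose embedded certificate matches that pin, so who issued the certificate plays no part in the decision. The certificate bytes, pins and helper names are constructed for illustration, and a SAML library must still verify the XML signature itself with the pinned key.

```python
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET  # for untrusted input in production, prefer a hardened parser such as defusedxml

DS = "{http://www.w3.org/2000/09/xmldsig#}"

def fingerprint(der: bytes) -> str:
    """SHA-256 fingerprint of the certificate's DER encoding."""
    return hashlib.sha256(der).hexdigest()

def embedded_certs(saml_xml: str) -> list[bytes]:
    """DER bytes of every ds:X509Certificate carried in the message."""
    certs = []
    for node in ET.fromstring(saml_xml).iter(DS + "X509Certificate"):
        b64 = "".join((node.text or "").split())  # base64 is often line-wrapped
        certs.append(base64.b64decode(b64, validate=True))
    return certs

def signer_is_pinned(saml_xml: str, pinned: set[str]) -> bool:
    """True only if the message carries certificates and each one matches a pin.

    Fails closed when no certificate is embedded. Several pins allow key rollover.
    """
    certs = embedded_certs(saml_xml)
    if not certs:
        return False
    return all(
        any(hmac.compare_digest(fingerprint(c), p) for p in pinned) for c in certs
    )

# Constructed placeholder bytes standing in for DER certificates (not real certs).
IDP_CERT = b"constructed-placeholder-idp-cert-der"
OTHER_CERT = b"constructed-placeholder-other-cert-der"
PINS = {fingerprint(IDP_CERT)}  # assumed to come from IdP metadata exchanged out of band

def sample_response(der: bytes) -> str:
    """Constructed, minimal SAML Response carrying one embedded certificate."""
    b64 = base64.b64encode(der).decode()
    return (
        '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:Signature><ds:KeyInfo>'
        f"<ds:X509Data><ds:X509Certificate>{b64[:20]}\n{b64[20:]}"
        "</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature>"
        "</samlp:Response>"
    )
```

A certificate that does not match a pin is rejected here whether it is self-signed or CA-issued, which is why the issuer alone does not decide the outcome.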