The communication between two services operating within the same organization needs to be protected using message-layer security. These services are only used within the organizational boundary. The question is raised as to whether to use self-signed certificates or certificates signed by a certificate authority. A security specialist states that only certificates signed by an external certificate authority can be used to fulfill this security requirement. Is this correct?
Currently there are no comments in this discussion, be the first to comment!