Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Some users were surprised to find out that we do not publish the fingerprints of our SSL certificates from SwissSign on our website. Some websites do, but we do not.

The reason for checking the fingerprints of SSL certificates would be to ensure that there is no ‘man in the middle’ who has activated the connection and manipulated the SSL connection with his own certificates.
However, a ‘man in the middle’ would at the same time also be able to change the content of the websites and replace the SSL fingerprint published on these sites with the SSL fingerprint he has used.
Any vigilant user wishing to check the SSL fingerprints would then see the compromised SSL fingerprints, which would match the manipulated certificate, and the user would be under the false impression that everything was perfectly fine, thereby exposing himself to risk.

...