The communication between two services operating within the same organization needs to be protected using message-layer security. These services are only used within the organizational boundary. The question is raised as to whether to use self-signed certificates or certificates signed by a certificate authority. A security specialist states that only certificates signed by an external certificate authority can be used to fulfill this security requirement. Is this correct?
Eladia
2 days ago