Ensure secure data transmission over HTTPS in the absence of an officially issued digital certificate

The transmission of (sensitive) data between server and client should be secured, in particular against eavesdropping and man-in-the-middle attacks. The client accesses data (which is stored on the server) over HTTP through a specific web interface. Hence, the client-server communication should be adapted to HTTP over TLS/SSL (i.e. HTTPS). There is no possibility to receive an officially issued digital certificate from one of the well-known certification authorities (CA). The solution should be simple, and the implementation may not take longer than ca. 2 hours.
1 answer


In order to provide Transport Layer Security (TLS), same as for its predecessor Secure Sockets Layer (SSL), it is not compulsory to use a digital certificate issued by one of the well-known (trusted) certification authorities (CA), in cases where authentication of the server is not of particular interest. The so-called self-signed certificate (i.e. an identity certificate signed by the same entity whose identity it should certify) is able to ensure that the connection is secure.

1) Generate a self-signed certificate, depending on the particular server environment (e.g. using keytool).
2) Configure the server to serve the requests over HTTPS.
3) Inform the client about the need to whitelist the self-signed certificate.
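
The client side of step 3, as an added example that is not part of the original answer: before whitelisting the certificate, the client checks its SHA-256 fingerprint against the value the server operator passed on over a separate channel, then trusts that certificate and nothing else. It assumes a Python client and a PEM export of the certificate; the function names are illustrative.

```python
import hashlib
import hmac
import socket
import ssl


def sha256_fingerprint(pem: str) -> str:
    """Lowercase hex SHA-256 over the DER bytes of a PEM certificate."""
    return hashlib.sha256(ssl.PEM_cert_to_DER_cert(pem)).hexdigest()


def pin_matches(pem: str, pin: str) -> bool:
    """Compare against a fingerprint given as plain hex or 'AB:CD:...' form."""
    wanted = pin.replace(":", "").replace(" ", "").lower()
    return hmac.compare_digest(sha256_fingerprint(pem), wanted)


def whitelist_context(pem: str, pin: str) -> ssl.SSLContext:
    """TLS client context whose only trust anchor is the checked certificate."""
    if not pin_matches(pem, pin):
        raise ValueError("certificate does not match the operator's fingerprint")
    # PROTOCOL_TLS_CLIENT keeps CERT_REQUIRED and hostname checking on, so the
    # certificate must name the host the client connects to.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.load_verify_locations(cadata=pem)  # the system CA store is not loaded
    return ctx


def open_tls(host: str, port: int, ctx: ssl.SSLContext) -> ssl.SSLSocket:
    """Connect; the handshake fails unless the server's certificate chains
    to the whitelisted one."""
    raw = socket.create_connection((host, port), timeout=5)
    try:
        return ctx.wrap_socket(raw, server_hostname=host)
    except Exception:
        raw.close()
        raise


if __name__ == "__main__":
    # Constructed stand-in bytes, not a real certificate: enough to show the
    # fingerprint check; a real PEM file from the server is needed for TLS.
    sample_pem = ssl.DER_cert_to_PEM_cert(b"constructed sample, not a real cert")
    good_pin = sha256_fingerprint(sample_pem).upper()
    print("matching pin accepted:", pin_matches(sample_pem, good_pin))
    print("wrong pin accepted:", pin_matches(sample_pem, "00" * 32))
```

Without the fingerprint comparison, a client that accepts whatever self-signed certificate it is first shown gets encryption but no protection against a man-in-the-middle who substitutes a certificate of their own.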