What is a self-signed SSL certificate?

• A. A certificate issued by a trusted public CA
• B. A certificate that is created by a trusted third party
• C. A certificate signed by the same entity that created it
• D. A certificate used only for code signing

Answer: (C)

A self-signed SSL certificate is one where the issuer and the subject are the same entity; it is signed with the entity’s own private key rather than by a separate trusted authority. This means you can use it to encrypt traffic, but there’s no external party vouching for the entity’s identity, so clients (like browsers) don’t automatically trust it unless you manually install the certificate or its root into every client’s trust store. It’s common for internal networks or development environments where you control trust, but not ideal for public-facing sites because users will get trust warnings. In practice, certificates issued by a trusted public CA provide a chain of trust that browsers already recognize, whereas code-signing certificates serve software signing purposes, not TLS for websites.