By Emin Askerov on Apr 09, 2015
Most common way to expose existing services from enterprise applications to mobile environment is using SOAP and REST (JSON, XML) services for consuming data. However before our solution usually goes to production we perform testing in development and test environments. In some cases these environments could use self-signed certificates for secured connection. For instance, if we deploy our service to WebLogic Server it could be self-signed certificate which is automatically generated during default domain creation and must be replaced with signed certificate in production environment. I would like to remind that self-signed certificate is an identity certificate that is signed by the same entity whose identity it certifies unlike signed certificate which is issued by trusted Certificate Authority (e.g. VeriSign, Comodo, Symantec etc.). Signed digital certificates are definitely mandatory, if you are going to do any commercial transactions and any other operations with privacy data in your solution.