SSL Certificates are small data files that digitally bind a cryptographic key to an organization’s details. Their use keep sensitive information sent across the Internet encrypted so that only the intended recipient can understand it.
Web browsers know how to trust HTTPS websites based on Certificate Authorities (CA) that come pre-installed in their software. However, some servers use invalid certificates (Self-signed certificates, signed by untrusted Certificate Authorities, identifying other websites, expired certificates, etc). Although this may be common on servers used for development, the use of such certificates is very, very unsafe. Accepting invalid certificates represents an huge security risk and, therefore, it should be avoided at all costs.
