Security Concerns Using Self-Signed Cert and SSL-VPN
Looking for clarification how SSL-VPN uses self-signed certificates and have two questions. 1. how secure is it sending login info to download the NetExtender client over the internet. 2. how secure is it putting the login info in NetExternder with the self-signed cert?
I noticed in videos like this one https://www.youtube.com/watch?v=sLBv8OXcqJ8 (time: 3:31) when the application is downloaded from the SonicWall device over the internet, using format https://IPaddress:4433, the self-signed certificate fails. Isn’t this a risk putting in credentials at this point? What is the risk using NetExtender with the failing self-signed cert?
Failed cert screenshot logging into SonicWall device to download NetExtender.