Digital certificates
Certificates are digital documents which map a public key to an entity. The certificate verifies that the public key belongs to an individual entity. It also prevents an entity from using the key to impersonate another entity.
Certificates are used to generate confidence in the legitimacy of a public key. An entity that is verifying a signature can also verify the signer’s certificate to ensure that no forgery or false representation occurred. Before sending a message, the user requests a certificate be presented. The certificate contains the recipient’s identity and public key. This information is then used to encrypt the message.
A certificate contains at least a public key, a name, and most importantly, the digital signature of the certificate issuer. The certificate can also contain an expiration date, the name of the certifying authority that issued the certificate, a serial number and other optional additional information.
The most widely accepted format for certificates is X.509 because X.509 is an international standard. Any application complying with X.509 can read and write certificates.
Related Links
Certification Authority (CA)
Certificate requests
Server certificates
Client certificates
Self-signed certificates
Signing certificates
Root certificates
Certificate chains
Certificate private keys and private key passwords
Provided digital certificates
Generating self-signed server certificates
Generating server certificate requests
Install and activate server certificates
Generating self-signed signing certificates
Install and activate signing certificates
Installing server certificates as trusted roots
Installing signing certificates as a trusted root
Generating client certificates
Installing client reference certificates
Use client certificates for user authentication