The digital certificate is one of the foundations of a public key infrastructure (PKI). A digital certificate is in many ways the electronic equivalent of a passport or driver's license, and may be used to identify and authenticate someone making online transactions.

A certification authority issues a digital certificate to a certificate holder on the request of a registration authority.

Details on a digital certificate include the certificate holder's name, their public key, the name of the certification authority and an indication of the certificate policy under which it was issued. Most digital certificates are in the format specified in the X.509 standard.

The public and private key pair can be generated on a secure device. A certification authority creates the digital certificate, incorporating the public key, and signs it, which protects the integrity of the information.

The public key in a digital certificate is linked to the private key. The certificate holder must hold the private key securely. The security of the private key is extremely important. In many applications a private key is stored by placing or creating the private key on a physical token such as a smart card.
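The issuing and checking steps described above, as an added example that is not part of the original page: a Go program, using only the standard library, that plays the certification authority and a relying party. It issues an X.509 certificate over the holder's public key, then checks the name fields, the key binding, and that the CA signature stops verifying once the signed content is altered. The names "Example CA" and "Alice Example", the P-256 key type and the function names `must`, `issue` and `Demo` are assumptions made for the example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// must aborts the demo on an error (none is expected with these fixed inputs).
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// issue signs a certificate that binds pub to the constructed name cn, using
// the CA private key. parent == nil produces the self-signed CA certificate.
func issue(serial int64, cn string, pub *ecdsa.PublicKey, parent *x509.Certificate, caKey *ecdsa.PrivateKey) *x509.Certificate {
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature, BasicConstraintsValid: true,
	}
	if parent == nil {
		tmpl.IsCA, tmpl.KeyUsage, parent = true, x509.KeyUsageCertSign, tmpl
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, parent, pub, caKey))
	return must(x509.ParseCertificate(der))
}

// Demo returns the holder and issuer names, whether the certified key matches the
// holder's key pair, and whether the CA signature verifies before and after tampering.
func Demo() (holder, issuer string, keyMatch, valid, tamperedValid bool) {
	caKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	holderKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader)) // in practice created on a token
	caCert := issue(1, "Example CA", &caKey.PublicKey, nil, caKey)
	cert := issue(2, "Alice Example", &holderKey.PublicKey, caCert, caKey) // CA receives only the public key
	tbs := append([]byte(nil), cert.RawTBSCertificate...)                  // copy of the signed content
	tbs[len(tbs)/2] ^= 0x01                                                // alter one bit of it
	return cert.Subject.CommonName, cert.Issuer.CommonName, holderKey.PublicKey.Equal(cert.PublicKey),
		cert.CheckSignatureFrom(caCert) == nil, caCert.CheckSignature(cert.SignatureAlgorithm, tbs, cert.Signature) == nil
}

func main() { fmt.Println(Demo()) }
```

The holder's private key is never passed to `issue`; only the public half goes into the certificate, which is why the private key can stay on a smart card.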

