Digital certificate serves to verify the user’s or system’s identity when communicating over the Internet. It is a data set that carries the information about the identity of its owner. It is also used to establish a secure connection between two computers. It is a sort of electronic identity card.
- is part of digital signature and thus enables, for instance, a secure email communication since it provides a confirmation that the sender is a valid holder of the corresponding private key
- is the basis for the secure https connection between server and computers when the communication is encrypted (see also SSL certificate) - digital certificate confirms that the owner of the page is a valid private key holder
Digital certificate has a limited validity (it is issued for a certain fixed period, typically a year) and can be issued for a specific person, company or, for example, for a particular computer (server).
What is a digital certificate? What does it look like?
It is a set of data containing
- information about the owner of the certificate
- certificate issuer information
- validity period
- public key.
The structure and content of digital certificates are internationally unified; they are based on the X.509 standard.
Who is a digital certificate issuer? How does it work?
Digital certificates are issued by certification authorities. When issuing a digital certificate for the first time, it is necessary to provide the certifying authority with certain documents based on which the authority verifies the identity of the applicant. If the applicant is a person, then it can be an identity document; in case of companies, the intensity of verification can differ according to the level of trust needed, ranging from authentication by email or internet domain to full verification of company’s founding documents.
Further prolongation of the certificate can take place indefinitely.
If we trust the certification authority, then there is no reason not to trust the data stated in the digital certificate.