
What is a Digital Certificate, and why do you need one?


A Digital Certificate is a digital file used to cryptographically bind an entity's Public Key to specific attributes relating to its identity. The entity may be a person, organisation, web entity or software application. Just as a driving license or passport binds a photograph to personal information about its holder, a Digital Certificate binds a Public Key to information about its owner.

In other words, Alice's Digital Certificate attests to the fact that her Public Key belongs to her, and only her. As well as the Public Key, a Digital Certificate also contains personal or corporate information used to identify the Certificate holder and, because Certificates have a finite lifetime, a Certificate expiry date.

Digital Certificates and Certification Authorities

Digital Certificates are issued by Certification Authorities (CAs). Just as a central trusted body issues driving licenses or passports, a CA fulfils the role of the Trusted Third Party by accepting Certificate applications from entities, authenticating applications, issuing Certificates and maintaining status information about the Certificates issued.

The incorporation of a CA into the PKI ensures that people cannot masquerade on the Internet as someone they are not by issuing their own fake Digital Certificates for illegitimate use.

The Trusted Third Party CA verifies the identity of the Certificate applicant before attesting to that identity by Digitally Signing the applicant's Certificate. Because the Digital Certificate itself is now a signed data file, its authenticity can be ascertained by verifying its Digital Signature. Therefore, in the same way we verify the Digital Signature of a signed message, we can verify the authenticity of a Digital Certificate by verifying its signature.

Because CAs are trusted, their own Public Keys, which are used to verify the signatures of issued Digital Certificates, are widely publicised through many channels.
