What Is Certificate

Q

What is an Internet security certificate? What is a public key certificate? What is an X.509 certificate? What is a digital certificate? What is a certificate? Are they all the same thing?

✍: FYIcenter.com

A

A public key certificate, usually just called a certificate, is a digitally signed statement that binds the value of a public key to the identity of the person, device, or service that holds the corresponding private key. One of the main benefits of certificates is that hosts no longer have to maintain a set of passwords for individual subjects who need to be authenticated as a prerequisite to access. Instead, the host merely establishes trust in a certificate issuer.

Certificates are digitally signed. So certificates are also called digital certificates.

Most certificates in common use are based on the X.509 v3 certificate standard. So certificates are also called X.509 certificates.

Most certificates are used by Internet Web servers with th HTTPS protocol to add security protection on sending data to users and on receiving data from users. So certificates are also called Internet security certificates.

Typically, certificates contain the following information:

  • The subject's public key value.
  • The subject's identifier information, such as the name and e-mail address.
  • The validity period (the length of time that the certificate is considered valid).
  • Issuer identifier information.
  • The digital signature of the issuer, which attests to the validity of the binding between the subject's public key and the subject's identifier information.

A certificate is valid only for the period of time specified within it; every certificate contains Valid From and Valid To dates, which set the boundaries of the validity period. Once a certificate's validity period has passed, a new certificate must be requested by the subject of the now-expired certificate.

2012-07-13, 3104👍, 0💬