The digital certificate, how it works and how to buy the right one is essential knowledge for information security professionals to have. The digital certificate binds a public key with an identity and helps secure internet and other network communications. It enables the verification of the communicating parties and makes sure these communications are private. Knowing how to securely manage digital certificates, from creation to retirement or revocation, is an important skill for infosec pros. To acquire digital certificates for their enterprise, they must understand the new products and vendors coming onto the market as well as the established players. They must be able to discern among the options for digital certificates -- including in-house, open source, cloud-based or subscription-based options -- and how each works to acquire the certificates that meet enterprise needs and to manage them once they're acquired and deployed.
This buyer's handbook on digital certificates explains them and identifies features that any enterprise will want to consider. It is written both as a primer for IT teams who need to get up to speed on how certificates work and for infosec pros already managing certificates but wondering if there are better, more secure options available.