A digital certificate, also known as a public key certificate, is used to cryptographically link ownership of a public key with the entity that owns it. Digital certificates are for sharing public keys to be used for encryption and authentication. Digital certificates include the public key being certified, identifying information about the entity that owns the public key, metadata relating to the digital certificate and a digital signature of the public key created by the issuer of the certificate.
The distribution, authentication and revocation of digital certificates are the primary purposes of the public key infrastructure (PKI), the system by which public keys are distributed and authenticated.
How do digital certificates work?
Public key cryptography depends on key pairs: one a private key to be held by the owner and used for signing and decrypting, and one a public key that can be used for encryption of data sent to the public key owner or authentication of the certificate holder's signed data. The digital certificate enables entities to share their public key in a way that can be authenticated.
Digital certificates are used in public key cryptography functions; they are most commonly used for initializing secure SSL connections between web browsers and web servers. Digital certificates are also used for sharing keys to be used for public key encryption and authentication of digital signatures.
Digital certificates are used by all major web browsers and web servers to provide assurance that published content has not been modified by any unauthorized actors, and to share keys for encrypting and decrypting web content. Digital certificates are also used in other contexts, both online and offline, for providing cryptographic assurance and privacy of data.
Who can issue a digital certificate?
While it is possible for an entity to create its own PKI and issue its own digital certificates -- and in some cases this approach might be reasonable, for example when an organization maintains its own PKI to issue certificates for its own internal use -- the vast majority of digital certificates are issued by a certificate authority (CA). CAs are considered trusted third parties in the context of a PKI; using a trusted third party to issue digital certificates enables individuals to extend their trust in the CA to the trustworthiness of the digital certificates that it issues.
Difference between digital certificate and digital signature
Public key cryptography enables a number of different functions, including both encryption and authentication. A digital signature is another one of those functions enabled by public key cryptography; digital signatures are generated using algorithms for signing of data, with the result that a recipient can irrefutably confirm that the data was signed by the holder of a particular public key.
Digital signatures are generated by hashing the data to be signed with a one-way cryptographic hash; the result is then encrypted with the signer's private key. The digital signature incorporates this encrypted hash, which can only be authenticated (verified) by using the sender's public key to decrypt the digital signature, and then running the same one-way hashing algorithm on the content that was signed. The two hashes can then be compared, and if they match it proves that the data was unchanged from when it was signed -- and that the sender is the owner of the public key pair used to sign it.
In general, a digital signature can depend on the distribution of a public key in the form of a digital certificate -- but it is not mandatory that the public key be transmitted in that form. However, digital certificates themselves are signed digitally, and they should not be trusted unless the signature can be verified.
What are the different types of digital certificates?
There are three different types of digital certificates used by web servers and web browsers to authenticate over the internet. These digital certificates are used to link a web server for a domain to the individual or organization that owns the domain.
- Domain Validated (DV SSL) certificates offer the least amount of assurance about the holder of the certificate. Applicants for DV SSL certificates need only demonstrate that they have the right to use the domain name. While these certificates can give assurance that data is being sent and received by the holder of the certificate, they give no guarantees about who that entity is.
- Organization Validated (OV SSL) certificates provide additional assurances about the holder of the certificate; in addition to confirming that the applicant has the right to use the domain, OV SSL certificate applicants undergo additional confirmation of their ownership of the domain.
- Extended Validation (EV SSL) certificates are issued only after the applicant is able to prove their identity to the satisfaction of the CA. The vetting process includes verification of the existence of the entity applying for the certificate, verifying that identity matches official records, verifying that the entity is authorized to use the domain and confirming that the owner of the domain has authorized the issuance of the certificate.
These types of SSL certificates are available from CAs for web domains, though the exact methods and criteria for these certificates are evolving as the CA industry adapts to new conditions and applications.
In addition to SSL certificates, there are other types of digital certificates used for other purposes. They are as follows:
- Code signing certificates may be issued to organizations or individuals who publish software. These certificates are used to share public keys that sign software code, including patches and software updates. Code signing certificates certify the authenticity of the signed code.
Client certificates, also called a digital ID, are issued to individuals in order to bind their identity to the public key in the certificate. Individuals can use these certificates to digitally sign messages or other data; individuals can also use their private keys to encrypt data which recipients can decrypt using the public key in the client certificate.