BCA - Network Technologies

A digital certificate is an electronic "passport" that enables a person, device, or organization to securely communicate data over the Internet by utilizing the public key infrastructure (PKI). A public key certificate is another name for a digital certificate.

A digital certificate, like a passport, contains identifying information, is resistant to fraud, and can be validated because it was issued by an official, trusted source. The certificate contains the certificate holder's name, a serial number, expiration dates, a copy of the certificate holder's public key (used for encrypting messages and digital signatures), and the certificate-issuing authority's (CA) digital signature, allowing the recipient to verify that the certificate is genuine.

A certificate is digitally signed by a root certificate belonging to a trustworthy certificate authority to offer evidence that it is genuine and valid. Operating systems and browsers keep lists of trustworthy CA root certificates so that they can quickly check certificates that the CAs have signed. Digital certificates can be self-signed when PKI is used internally.