What is an X.509 Digital Certificate?

What is an X.509 certificate?


Note:
See http://en.wikipedia.org/wiki/X.509 for additional information.

Solution:

Digital Certificates bind an identity to a pair of electronic keys that can be used to encrypt, sign, and decrypt digital information. A Digital Certificate makes it possible to verify someone's claim that they have the right to use a given resource and helps prevent people from using phony keys to impersonate other users. Used in conjunction with encryption, Digital Certificates provide a more complete security solution by assuring the identity of all parties involved in a transaction.

A Digital Certificate is issued by a Certification Authority (CA) and signed with the CA's private key.

A Digital Certificate typically contains the:

  • Owner's public key
  • Owner's name
  • Expiration date of the public key
  • Name of the issuer (the CA that issued the Digital Certificate)
  • Serial number of the Digital Certificate
  • Digital signature of the issuer
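The issuance and the fields listed above can be reproduced with the OpenSSL command-line tool. The following is an added example, not part of the original article; the names Example-CA, Other-CA and alice.example are constructed, and all keys are throwaway files in a temporary directory.

```bash
# Added example: constructed names, throwaway keys in a temp directory.
set -eu
WORK=$(mktemp -d)

# make_ca NAME: create a CA private key (NAME.key) and a self-signed
# CA certificate (NAME.pem).
make_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
    -subj "/CN=$1" -keyout "$WORK/$1.key" -out "$WORK/$1.pem" 2>/dev/null
}

# issue CA OWNER: create the owner's key pair and a signing request, then
# have the CA sign the owner's certificate with the CA's private key.
issue() {
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$2" \
    -keyout "$WORK/$2.key" -out "$WORK/$2.csr" 2>/dev/null
  openssl x509 -req -in "$WORK/$2.csr" -days 7 \
    -CA "$WORK/$1.pem" -CAkey "$WORK/$1.key" -set_serial 4096 \
    -out "$WORK/$2.pem" 2>/dev/null
}

# show_fields CERT: print owner name, issuer name, serial number (hex)
# and expiration date of the certificate.
show_fields() {
  openssl x509 -in "$WORK/$1.pem" -noout -subject -issuer -serial -enddate
}

# trusted CA CERT: succeeds only if the issuer's signature on CERT
# verifies under the public key in CA's certificate.
trusted() {
  openssl verify -CAfile "$WORK/$1.pem" "$WORK/$2.pem" 2>/dev/null \
    | grep -q ': OK$'
}

make_ca "Example-CA"
make_ca "Other-CA"
issue "Example-CA" "alice.example"
show_fields "alice.example"
trusted "Example-CA" "alice.example" && echo "accepted: signed by Example-CA"
trusted "Other-CA" "alice.example" || echo "rejected: not signed by Other-CA"
```

The last line shows why the issuer's signature matters: a relying party that trusts only Other-CA rejects the certificate, even though its name and key fields are well-formed.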

The most widely accepted format for Digital Certificates is defined by the CCITT X.509 international standard; thus certificates can be read or written by any application complying with X.509. Further refinements are found in the PKCS standards and the PEM standard.
