What is an X.509 Digital Certificate?
What is an X.509 certificate?
Note:
See http://en.wikipedia.org/wiki/X.509 for additional information.
Solution:
Digital Certificates bind an identity to a pair of electronic keys that can be used to encrypt, sign, and decrypt digital information. A Digital Certificate makes it possible to verify someone's claim that they have the right to use a given resource and helps prevent people from using phony keys to impersonate other users. Used in conjunction with encryption, Digital Certificates provide a more complete security solution by assuring the identity of all parties involved in a transaction.
A Digital Certificate is issued by a Certification Authority (CA) and signed with the CA's private key.
A Digital Certificate typically contains the:
- Owner's public key
- Owner's name
- Expiration date of the public key
- Name of the issuer (the CA that issued the Digital Certificate)
- Serial number of the Digital Certificate
- Digital signature of the issuer
The most widely accepted format for Digital Certificates is defined by the CCITT X.509 international standard; thus certificates can be read or written by any application complying with X.509. Further refinements are found in the PKCS standards and the PEM standard.
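The listed fields and the issuer's signature can be inspected directly with the `openssl` command-line tool. The script below is an added example, not part of the original article: it creates a throwaway CA, issues a certificate to an owner, prints each field from the list above, and checks the signature against the issuing CA and against an unrelated one. The names "Example Test CA", "Unrelated CA" and "alice.example" and the serial number are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example: all names and the serial number are constructed; requires the openssl CLI.
set -eu
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

make_ca() {      # $1 = file prefix, $2 = CA name; creates a self-signed CA certificate
  openssl req -x509 -newkey rsa:2048 -nodes -days 30 -subj "/CN=$2" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.crt" 2>/dev/null
}

issue_cert() {   # $1 = owner name; the CA signs the owner's public key with its private key
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$1" \
    -keyout "$WORK/owner.key" -out "$WORK/owner.csr" 2>/dev/null
  openssl x509 -req -in "$WORK/owner.csr" -CA "$WORK/ca.crt" -CAkey "$WORK/ca.key" \
    -set_serial 4096 -days 7 -out "$WORK/owner.crt" 2>/dev/null
}

field() {        # $1 = subject | issuer | serial | enddate
  openssl x509 -in "$WORK/owner.crt" -noout "-$1"
}

verified_by() {  # $1 = CA prefix; succeeds only if that CA's key produced the signature
  openssl verify -CAfile "$WORK/$1.crt" "$WORK/owner.crt" >/dev/null 2>&1
}

make_ca ca "Example Test CA"
make_ca other "Unrelated CA"
issue_cert "alice.example"

field subject    # owner's name
field issuer     # name of the issuing CA
field serial     # serial number (printed in hexadecimal)
field enddate    # expiration date
openssl x509 -in "$WORK/owner.crt" -noout -pubkey | head -n 2   # owner's public key (PEM)
verified_by ca    && echo "issuer signature valid under Example Test CA"
verified_by other || echo "issuer signature rejected under Unrelated CA"
```

The last line shows why the issuer's signature matters: a certificate carrying the same owner name is not accepted by a verifier unless it chains to a CA that verifier trusts.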