Trusted answers to developer questions

What is a digital certificate?

Get Started With Machine Learning

Learn the fundamentals of Machine Learning with this free course. Future-proof your career by adding ML skills to your toolkit — or prepare to land a job in AI or Data Science.

A digital certificate is used to share the public key of a user. It contains information on the public key, the owner of the public key, the expiration date of the public key, and the digital signature of a trusted authority.

A digital certificate is used to address a significant caveat in digital signatures. Digital signatures rely on the fact that the receiver has the public key of the authentic sender. But what if a hacker steps in and swaps his public key with the sender’s public key while the sender is sending her public key to the receiver? In such a case, the receiver would have no way of knowing whether or not the messages received are from an authentic source. Therefore, the public key needs to be shared securely for digital signatures to work.

A digital certificate
A digital certificate

How a digital signature works

To avoid the aforementioned scenario, the sender should add his/her public key, on a certificate containing his/her details, and a digital signature from a trusted third party. The public keys of these trusted third parties are hardcoded into the browsers. The sender then sends the digital certificate, the digital signature, and the message to the receiver.

Some trusted authorities

The following are some authorities that can issue digital certificates:

  1. Symantec

  2. Comodo

  3. GeoTrust

  4. DigiCert

RELATED TAGS

networks
encryption
Copyright ©2024 Educative, Inc. All rights reserved
Did you find this helpful?