In cryptography, a public key certificate (also known as a digital certificate or identity certificate) is an electronic document that uses a digital signature to bind a public key with an identity — information such as the name of a person or an organization, their address, and so forth. The certificate can be used to verify that a public key belongs to an individual.
In a typical public key infrastructure (PKI) scheme, the signature will be of a certificate authority (CA). In a web of trust scheme, the signature is of either the user (a self-signed certificate) or other users ("endorsements"). In either case, the signatures on a certificate are attestations by the certificate signer that the identity information and the public key belong together.
For provable security this reliance on something external to the system has the consequence that any public key certification scheme has to rely on some special setup assumption, such as the existence of a certificate authority.
Certificates can be created for Unix-based servers with tools such as OpenSSL's ca command. or SuSE's gensslcert. These may be used to issue unmanaged certificates, Certification Authority (CA) certificates for managing other certificates, and user and/or computer certificate requests to be signed by the CA, as well as a number of other certificate related functions.
Similarly, Microsoft Windows 2000 Server and Windows Server 2003 contain a Certification Authority (CA) as part of Certificate Services for the creation of digital certificates. In Windows Server 2008 the CA may be installed as part of Active Directory Certificate Services. The CA is used to manage and centrally issue certificates to users and/or computers. Microsoft also provides a number of different certificate utilities, such as SelfSSL.exe for creating unmanaged certificates, and Certreq.exe for creating and submitting certificate requests to be signed by the CA, and certutil.exe for a number of other certificate related functions.
Read more about Public Key Certificate: Contents of A Typical Digital Certificate, Certificates and Web Site Security
Famous quotes containing the words public, key and/or certificate:
“When in public poetry should take off its clothes and wave to the nearest person in sight; it should be seen in the company of thieves and lovers rather than that of journalists and publishers.”
—Brian Patten (b. 1946)
“It so happened that, a few weeks later, “Old Ernie” [Ernest Hemingway] himself was using my room in New York as a hide-out from literary columnists and reporters during one of his rare stopover visits between Africa and Key West. On such all-too-rare occasions he lends an air of virility to my dainty apartment which I miss sorely after he has gone and all the furniture has been repaired.”
—Robert Benchley (1889–1945)
“God gave the righteous man a certificate entitling him to food and raiment, but the unrighteous man found a facsimile of the same in God’s coffers, and appropriated it, and obtained food and raiment like the former. It is one of the most extensive systems of counterfeiting that the world has seen.”
—Henry David Thoreau (1817–1862)