In cryptography, a public key certificate (also known as a digital certificate or identity certificate) is an electronic document that uses a digital signature to bind a public key with an identity — information such as the name of a person or an organization, their address, and so forth. The certificate can be used to verify that a public key belongs to an individual.
In a typical public key infrastructure (PKI) scheme, the signature will be of a certificate authority (CA). In a web of trust scheme, the signature is of either the user (a self-signed certificate) or other users ("endorsements"). In either case, the signatures on a certificate are attestations by the certificate signer that the identity information and the public key belong together.
For provable security this reliance on something external to the system has the consequence that any public key certification scheme has to rely on some special setup assumption, such as the existence of a certificate authority.
Certificates can be created for Unix-based servers with tools such as OpenSSL's ca command. or SuSE's gensslcert. These may be used to issue unmanaged certificates, Certification Authority (CA) certificates for managing other certificates, and user and/or computer certificate requests to be signed by the CA, as well as a number of other certificate related functions.
Similarly, Microsoft Windows 2000 Server and Windows Server 2003 contain a Certification Authority (CA) as part of Certificate Services for the creation of digital certificates. In Windows Server 2008 the CA may be installed as part of Active Directory Certificate Services. The CA is used to manage and centrally issue certificates to users and/or computers. Microsoft also provides a number of different certificate utilities, such as SelfSSL.exe for creating unmanaged certificates, and Certreq.exe for creating and submitting certificate requests to be signed by the CA, and certutil.exe for a number of other certificate related functions.
Read more about Public Key Certificate: Contents of A Typical Digital Certificate, Certificates and Web Site Security
Famous quotes containing the words public, key and/or certificate:
“It was a time of madness, the sort of mad-hysteria that always presages war. There seems to be nothing left but war—when any population in any sort of a nation gets violently angry, civilization falls down and religion forsakes its hold on the consciences of human kind in such times of public madness.”
—Rebecca Latimer Felton (1835–1930)
“Japanese mothers credit “effort” as the key determinant of a child’s achievement in school, while American mothers name “ability” as the more important factor.”
—Perry Garfinkel (20th century)
“God gave the righteous man a certificate entitling him to food and raiment, but the unrighteous man found a facsimile of the same in God’s coffers, and appropriated it, and obtained food and raiment like the former. It is one of the most extensive systems of counterfeiting that the world has seen.”
—Henry David Thoreau (1817–1862)