What is a digital certificate?

In cryptography, a digital certificate is an electronic document that uses a digital signature to bind together a public key with an identity – for example, the name of an organization. The certificate is used to confirm that a public key belongs to a specific organization.


What is the purpose of a digital certificate?

A digital certificate is used to establish a trusted environment between two remote entities (two private individuals, a person and a web server, etc.) that need to identify each other in order to communicate and/or exchange confidential information.


Why do I need a digital certificate?

In the physical world, the concepts of signature and confidentiality are omnipresent: a confidential letter is sealed in an envelope, and important documents are signed by hand. The same logic applies to electronic exchanges, and digital certification concerns all players involved: individuals who must identify themselves to online services, employees of a company (or a group of partner companies) who need to exchange critical information, web servers or network components that need to create a trusted environment with the users connecting to them, etc.


What are the different types of digital certificates?

  • Server certificate: hosted on a server (Intranet, Extranet or Internet) and used to identify the server and establish secure sessions (SSL protocol).
  • Personal certificate: hosted on a computer or physical device linked to a private individual and possibly also linked to their company, such as a bank or an internet service provider.
  • IPsec certificate: hosted on a network component, it identifies the component and makes it possible to encrypt all information exchanged between this component and another component of the same network.

What are digital certificates used for?

Certificates are used primarily to verify the identity of a person or device, authenticate a service, or encrypt files.


What needs do digital certificates cover?

Digital certificates cover the following needs:

  • Authentication: ensures that a person is who they claim to be.
  • Non-repudiation: ensures that the parties to a transaction cannot later deny having taken part in it.
  • Confidentiality: ensures that unauthorized persons cannot access confidential information.
  • Data integrity: ensures that data is not altered.

Who is allowed to deliver digital certificates?

A digital certificate is an electronic ID. Whether physical or electronic, all types of IDs (national passport, company badge, sports federation membership card) are issued by organizations, and the level of trust an ID carries depends on who delivers it.
Examples of such organizations include the State Department for citizens, senior management for employees, and a sports federation for athletes. These organizations are called Certificate Authorities. They are the authoritative body when it comes to certifying the identities and main characteristics of the persons to whom they deliver electronic certificates.
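
The binding described in the first answer and the Certificate Authority's role described above can be shown in a few lines. This is an added example, not part of the original page: it uses textbook RSA with a deliberately tiny constructed key and a simplified certificate structure (not X.509), and all names and values in it are assumptions made for illustration.

```python
import hashlib

# Toy CA key pair (textbook RSA, constructed for illustration only: the modulus
# is far too small and there is no padding, so this is not usable cryptography).
P, Q = 2**127 - 1, 2**89 - 1               # two known Mersenne primes
CA_N, CA_E = P * Q, 65537                  # CA public key, known to everyone
CA_D = pow(CA_E, -1, (P - 1) * (Q - 1))    # CA private key, known only to the CA
ISSUER = "Example Toy CA"                  # hypothetical issuer name


def _digest(subject: str, public_key: int) -> int:
    """Hash the fields the certificate binds together, reduced to fit CA_N."""
    tbs = f"issuer={ISSUER};subject={subject};public_key={public_key}".encode()
    return int.from_bytes(hashlib.sha256(tbs).digest(), "big") % CA_N


def issue_certificate(subject: str, public_key: int) -> dict:
    """CA side: sign (identity, public key) with the CA private key."""
    signature = pow(_digest(subject, public_key), CA_D, CA_N)
    return {"issuer": ISSUER, "subject": subject,
            "public_key": public_key, "signature": signature}


def verify_certificate(cert: dict) -> bool:
    """Relying party: recompute the digest from the certificate fields and
    check it against the signature using only the CA public key."""
    expected = _digest(cert["subject"], cert["public_key"])
    return pow(cert["signature"], CA_E, CA_N) == expected


if __name__ == "__main__":
    cert = issue_certificate("Example Org", 0xC0FFEE)   # constructed values
    print("as issued:        ", verify_certificate(cert))
    # Any change to a bound field after issuance invalidates the signature.
    print("public key changed:", verify_certificate(dict(cert, public_key=0xBADBAD)))
    print("identity changed:  ", verify_certificate(dict(cert, subject="Other Org")))
```

The relying party never needs the CA private key; trusting the CA public key is enough to detect a certificate whose identity or public key was altered after issuance.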