Definition
Public Key Certificate
A public key certificate is a digital document used to prove the authenticity of a public key. It binds a public key to its owner and contains a signature computed by a trusted certificate authority (CA) on the certificate’s content.
Content
The key being certified, along with its type and parameters.
Subject
Information about the owner (name, address, country, domain name).
Issuer
Information about the issuing CA.
Validity
From/until dates.
Key Usage
Intended purposes (encryption, signing, signing other certificates).
Alternative Names
Domains for which the certificate is valid (e.g. wildcard certificates).
Algorithms used and the signature value computed by the CA.
Creation
- The registration authority verifies the correctness of the data about the subject requesting the certificate.
- The data contained in the certificate is signed with the private key of the issuing certificate authority.
- The signature is entered into the certificate.
Validation
A certificate is considered valid if:
- the CA’s signature on the certificate can be verified
- the certificate has not expired
- the certificate has not been revoked
- the chain of trust leads to a trusted root certificate
