A Digital Certificate is an electronic document that binds a public key to an identity, verified and signed by a trusted Certificate Authority. When you connect to a website via HTTPS, the server presents its certificate proving it owns the domain. Your browser validates the CA signature and checks revocation status before establishing a secure connection.
Certificates contain the subject’s name, public key, validity period, issuer information, and the CA’s digital signature. X.509 is the standard format. Certificate types include domain validation (DV), organization validation (OV), and extended validation (EV), offering increasing levels of identity verification.
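The fields listed above can be checked in code once a TLS library has decoded them. The following is an added example, not part of the original entry: it inspects the validity period, the subject and issuer names, and the hostname coverage of a certificate given in the dictionary layout that Python's `ssl.SSLSocket.getpeercert()` returns. The sample certificates, hostnames and the function names are constructed for illustration.

```python
import ssl
from datetime import datetime, timezone

# Constructed sample in the dict layout returned by ssl.SSLSocket.getpeercert();
# names and dates are illustrative, not taken from a real certificate.
SAMPLE_CA_ISSUED = {
    "subject": ((("commonName", "www.example.test"),),),
    "issuer": ((("organizationName", "Example Test CA"),),),
    "notBefore": "Jan  1 00:00:00 2024 GMT",
    "notAfter": "Jan  1 00:00:00 2025 GMT",
    "subjectAltName": (("DNS", "www.example.test"), ("DNS", "*.api.example.test")),
}
# Same fields, but the issuer name equals the subject name.
SAMPLE_SELF_SIGNED = dict(SAMPLE_CA_ISSUED, issuer=SAMPLE_CA_ISSUED["subject"])


def _san_matches(pattern, host):
    """Match one DNS SAN entry; a wildcard covers exactly one left-most label."""
    p, h = pattern.lower().split("."), host.lower().split(".")
    if len(p) != len(h):
        return False
    return (p[0] == "*" or p[0] == h[0]) and p[1:] == h[1:]


def inspect_certificate(cert, hostname, now=None):
    """Return a list of findings for decoded certificate fields.

    Signature-chain and revocation checks are not repeated here; the TLS
    library performs chain validation during the handshake. Name equality
    only indicates a self-signed certificate; the signature confirms it.
    """
    findings = []
    ts = (now or datetime.now(timezone.utc)).timestamp()
    if ts < ssl.cert_time_to_seconds(cert["notBefore"]):
        findings.append("not yet valid")
    if ts > ssl.cert_time_to_seconds(cert["notAfter"]):
        findings.append("expired")
    if cert["issuer"] == cert["subject"]:
        findings.append("self-signed candidate: subject equals issuer")
    dns_names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if not any(_san_matches(n, hostname) for n in dns_names):
        findings.append("hostname not covered by subjectAltName")
    return findings
```

An empty list means the decoded fields raised no finding for that hostname at that time.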
CISSP Relevance
Domain 3 (Security Architecture and Engineering) covers certificate types, contents, and lifecycle. Understand how certificates enable authentication and secure communication, certificate validation processes, and common certificate-related attacks. Know the difference between self-signed and CA-issued certificates.
Certificate standards are defined in ITU-T X.509.
Related terms: PKI, Digital Signature