A digital certificate is an electronic file that distinctively identifies individuals and Web sites on the Internet and enables secure, private communications. It links the name of an entity that participates in a protected transaction (for instance, a Web site address or an e-mail address) by the public key that is used to sign communication with that entity in a cryptographic system.
Usually, the "signer" of a digital certificate is a "certificate authority" (CA; such as VeriSign) or "trusted third party". In adding up, all participants who use such certificates agree it is a point of secure management and storage of the associated private signing key. The CA issues, creates, and signs certificates, as well as probably playing a role in their allocation.
Using digital certificates simplifies the problem of trusting that an exacting public key is in information related with a participating party, efficiently dropping it to the problem of "trusting" the related CA service. Digital certificates, consequently, can serve as a type of digital credential or passport. This approach represents and proceed in the key management problem, because it reduces the problem of bootstrapping trust to the problem of setting up (or in today's marketplace, selecting as a vendor) the suitable CA functionality. All parties that trust the CA can be positive that the public key that appear in certificates are legal.