Tech Tips Home
The Best Tech Tips And Daily Deals
Newsletter On The Internet!

WorldStart Tech Tip And Store Search
Email: Password: Login Remember Me
looking for freeware

Like what you see here? Subscribe to the Tech Tips newsletter!   Email: Subscribe

What Is A Digital Certificate And How Does It Work?

Tuesday, March 11th, 2014 by | Filed Under: Computer Terms, Security Help

Cel Mengata from St Paul, Minnesota writes:

What is a certificate and how does it work on a computer?

Cel, a digital certificate is an attachment to an electronic message used for security purposes. It is the digital equivalent of a physical or paper certificate. Just as a physical license serves to identify an individual and show what they are allowed to do, e.g. a driver’s license identifies someone who can legally drive, a digital certificate is presented to prove your identity and the right you have to access certain information on the internet.

It is used to ensure that when data passes from one computer to another over a network, the data will not be able to be read by an unauthorized entity and for extra security measures, the data will be checked by the receiving computer using a digital certificate to verify the integrity of the data and to ensure that it was not altered in transit.

When data is sent through a network, there is usually a risk that the message may be intercepted, read and even modified by an unauthorized person. To prevent this, data is usually encrypted to prevent it from being read and understood until it is decrypted. This is where digital certificates come in.

Digital certificates use a cryptographic technology called public-key cryptography to sign data and to verify the integrity of the certificate itself.
Public key cryptography is a system based on pairs of keys called public key and private key. A public key is used to encrypt data and its corresponding private key is used to decrypt the data.

To understand how public-key cryptography works, we will look at how it is used to encrypt email messages from Email Client A to Email Client B. Suppose A wants to send a secure encrypted message to B and wants to ensure that only B can decrypt the message. B owns a public key and a private key. He can only decrypt a message (using his private key) that was encrypted by his public key. To make it possible for others to encrypt messages with his public key, he applies for a digital certificate from a Certified Authority (CA). The CA issues B a digital certificate containing his public key and a variety of other identification information. The CA then makes B’s public key available on the internet through a directory service. When A wants to send a message to B, he obtains the digital certificate containing B’s public key and identification information from a CA’s directory service and uses it to encrypt the message before sending it. When B receives the message, he uses his private key to decrypt it. As long as B’s private key is kept secure, no other user can decrypt a message meant for them.

How Digital Certificates Are Used

A digital certificate contains information that identifies the certificate’s owner and their public key. The certificate also has information that identifies its issuer i.e. the Certified Authority (CA) that issued the certificate. The CA digitally signs each certificate with its own private key. To do this, the CA generates a message digest from the certificate, encrypts the digest with its private key and includes the digital signature as part of the certificate. Clients can use the message digest and the CA’s public key to verify the certificate’s integrity. If a certificate becomes tampered, its message digest will not match the digest in the CA’s digital signature.


Tags: , ,

3 Responses to “What Is A Digital Certificate And How Does It Work?”

  1. Shiva Prakash says:

    Informative Thanks a lot

  2. Ramji Sridaran says:

    It would be better if you can explain with a real time example of the website and a Certificate Authority. Its a bit difficult to understand whats happening in real time.

  3. Sanjay SIngh says:

    Hello Sir, May I know what do you mean by digital signature in the below statement?
    “To do this, the CA generates a message digest from the certificate, encrypts the digest with its private key and includes the digital signature as part of the certificate.”

    digital signatures are used basically to authenticate the sender, So CA will calculate the message digest using hash function(using it’s own private key) and then how would it encrypt that data as Certificate requester(receiver of certificate) does not have any public -private key pair initially(at this moment).

    does this this mean that CA sends the certificate back to the Requester unencrypted?

Leave a Reply

Like these tips? Get them for FREE in your email!

WorldStart's Tech Tips Newsletter

  • Tech Tips Daily - Become a tech pro! Get the very best tech and computer help sent directly to your email every weekday!

  • Tech Tips Weekly - If you don't want our Tech Tips newsletter every day, then sign up for this weekly newsletter to get the best information of the week. Sent on Fridays.

Other Newsletters

  • WorldStart's Daily Deals - Every week, we send out great deals in our Daily Deals newsletter. Many of these deals are exclusively for our Daily Deals newsletter subscribers and can't be found with our regular specials.

  • Just For Grins - Each issue includes a couple clean jokes, some funny quotes, and a hilarious reader's story. Newsletter is sent five days a week.

Enter Email Address:


Your e-mail address is safe with us!
We only use it to send you the newsletters you request. It is NEVER disclosed to a third party for any reason, ever! Plus, if you decided you don't like our newsletters (don't worry, you'll love them), unsubscribing is fast and easy.

Free Newsletter Signup

Tech Tips Daily

Become a tech pro! Get the very best tech and computer help sent directly to your email every weekday!

Tech Tips Weekly

The week's best in tech and computer help. Get your issue sent to your email every Friday!

WorldStart's Daily Deals

The very best deals on the Internet! Get a new set of incredible sales every day of the week!

Just For Grins

Clean jokes, funny quotes, and hilarious comics. Sent 5 times a week straight to your email.


Love Worldstart? Refer A Friend!

looking for freeware
WorldStart's Premium Membership

Tip Archive