Certificates are used to authenticate a server process or a human user. A certificate authority (CA) is an authority in a network that issues and manages security credentials and public keys for message encryption. As part of a public key infrastructure (PKI), a CA checks with a registration authority to verify information provided by the requestor of a digital certificate. If the registration authority verifies the requestor's information, the CA can then issue a certificate.

A certificate authority (CA) is a third-party organization that verifies the information
or the identity of computers on a network and issues digital certificates of authenticity.
Digital certificates are used in a network security system to guarantee that the two
parties exchanging information are really who they claim to be. Depending on how a
network's security system is configured, the certificate can include its owner's public
key and name, the expiration date of the certificate, or other information.

Entities are authenticated through three types of certificates:

- Third-party-signed
  You go to a commercial third-party certificate authority, such as VeriSign, Symantec, or Comodo, and purchase a certificate.
- Site-signed
  You go to the IT department at your site to obtain a certificate.
- Self-signed
  You serve as your own certificate authority.
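
The difference between self-signed and site-signed certificates can be seen with the openssl command line. The script below is an added example, not part of the original page: it creates a site CA, a self-signed certificate and a site-signed certificate, then classifies each by comparing issuer with subject and by verifying against the site CA. All subject names, file names and function names are constructed, and OpenSSL 1.1.0 or later is assumed for `-no-CApath`.

```sh
# Added example: every subject name and file name below is constructed.
set -eu
# Minimal config so results do not depend on the system openssl.cnf.
write_cnf() {  # $1 = file, $2 = common name
  printf '%s\n' '[req]' 'distinguished_name = dn' 'x509_extensions = ext' \
    'prompt = no' '[dn]' "CN = $2" '[ext]' \
    'basicConstraints = critical,CA:TRUE' > "$1"
}

# Self-signed: the key being certified also signs the certificate.
make_self_signed() {  # $1 = basename, $2 = common name
  write_cnf "$1.cnf" "$2"
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config "$1.cnf" \
    -keyout "$1.key" -out "$1.pem" 2>/dev/null
}

# Site-signed: the requester creates a CSR and the site CA signs it.
make_site_signed() {  # $1 = basename, $2 = common name, $3 = CA basename
  write_cnf "$1.cnf" "$2"
  openssl req -new -newkey rsa:2048 -nodes -config "$1.cnf" \
    -keyout "$1.key" -out "$1.csr" 2>/dev/null
  openssl x509 -req -in "$1.csr" -CA "$3.pem" -CAkey "$3.key" \
    -CAcreateserial -days 1 -out "$1.pem" 2>/dev/null
}

# Classify a certificate relative to one trusted site CA certificate.
classify_cert() {  # $1 = certificate, $2 = site CA certificate
  subject=$(openssl x509 -in "$1" -noout -subject | sed 's/^subject= *//')
  issuer=$(openssl x509 -in "$1" -noout -issuer | sed 's/^issuer= *//')
  if [ "$subject" = "$issuer" ] &&
     openssl verify -no-CApath -CAfile "$1" "$1" >/dev/null 2>&1; then
    echo self-signed
  elif openssl verify -no-CApath -CAfile "$2" "$1" >/dev/null 2>&1; then
    echo site-signed
  else
    echo other-issuer   # a commercial CA, or a signer this site does not trust
  fi
}

demo() {  # $1 = empty working directory
  make_self_signed "$1/site-ca" "Example Site CA"
  make_self_signed "$1/lonely"  "selfsigned.example.test"
  make_site_signed "$1/server"  "server.example.test"  "$1/site-ca"
  make_site_signed "$1/foreign" "foreign.example.test" "$1/lonely"
  for c in lonely server foreign; do
    echo "$c: $(classify_cert "$1/$c.pem" "$1/site-ca.pem")"
  done
}
demo "$(mktemp -d)"
```

The site CA's own certificate is itself self-signed; it becomes a site authority only because relying hosts are configured to trust it.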