A digital certificate is issued by a trusted third party and proves the sender’s identity to the receiver and the receiver’s identity to the sender.
A digital certificate is a certificate issued by a Certificate Authority (CA) to verify the identity of the certificate holder. The CA issues an encrypted digital certificate containing the applicant’s public key and a variety of other identification information. A digital certificate is used to bind a public key to a particular individual or entity.
A digital certificate contains:
- Name of certificate holder.
- Serial number, which is used to uniquely identify a certificate, the individual or the entity identified by the certificate.
- Expiration dates.
- Copy of certificate holder’s public key (used for decrypting messages and digital signatures).
- Digital Signature of the certificate issuing authority.
The digital certificate is also sent with the digital signature and the message.
Digital certificate vs digital signature:
A digital signature is used to verify authenticity, integrity and non-repudiation, i.e. it assures that the message was sent by the known user and has not been modified, while a digital certificate is used to verify the identity of the user, who may be the sender or the receiver. Thus, digital signatures and certificates are different kinds of things, but both are used for security. Most websites use digital certificates to enhance the trust of their users.
| Feature | Digital Signature | Digital Certificate |
|---|---|---|
| Basics / Definition | Digital signature is like a fingerprint or an attachment to a digital document that ensures its authenticity and integrity. | Digital certificate is a file that ensures holder’s identity and provides security. |
| Process / Steps | Hashed value of original message is encrypted with sender’s secret key to generate the digital signature. | It is generated by CA (Certifying Authority) that involves four steps: Key Generation, Registration, Verification, Creation. |
| Security Services | Authenticity of sender, integrity of the document and non-repudiation. | It provides security and authenticity of certificate holder. |
| Standard | It follows Digital Signature Standard (DSS). | It follows X.509 Standard Format. |
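
The receiver's side of the comparison above, as an added example that is not part of the original article: the CA's signature on the certificate is checked first, then the expiry date, and only then is the holder's public key used to verify the message signature. Textbook RSA over small Mersenne primes stands in for a real DSS/X.509 implementation, and the names `issue`, `check`, `tbs` and the JSON certificate layout are assumptions made for illustration.

```python
import hashlib, json
from datetime import date

E = 65537  # public exponent shared by both toy keys (assumption for this example)

def make_key(p, q):
    """Toy RSA key from two primes: returns (modulus n, private exponent d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(data: bytes, n: int) -> int:
    # Hash first, then reduce into the modulus (toy stand-in for real padding).
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data: bytes, n: int, d: int) -> int:
    return pow(digest(data, n), d, n)         # hash transformed with the private key

def verify(data: bytes, sig: int, n: int) -> bool:
    return pow(sig, E, n) == digest(data, n)  # hash recovered with the public key

def tbs(cert: dict) -> bytes:
    # Canonical bytes of every certificate field except the CA's signature.
    return json.dumps({k: v for k, v in cert.items() if k != "ca_signature"},
                      sort_keys=True).encode()

def issue(ca_n, ca_d, name, serial, not_after, holder_n):
    """CA side: bind the holder's name to the holder's public key."""
    cert = {"name": name, "serial": serial, "not_after": not_after,
            "public_key": holder_n}
    cert["ca_signature"] = sign(tbs(cert), ca_n, ca_d)
    return cert

def check(message, sig, cert, ca_n, today):
    """Receiver side: validate the certificate, then the message signature."""
    if not verify(tbs(cert), cert["ca_signature"], ca_n):
        return "certificate not signed by trusted CA"
    if date.fromisoformat(cert["not_after"]) < today:
        return "certificate expired"
    if not verify(message, sig, cert["public_key"]):
        return "bad message signature"
    return "ok: signed by " + cert["name"]

# Constructed demo keys and data; these primes are far too small for real use.
CA_N, CA_D = make_key(2**127 - 1, 2**89 - 1)
ALICE_N, ALICE_D = make_key(2**107 - 1, 2**61 - 1)
CERT = issue(CA_N, CA_D, "Alice", 1001, "2030-01-01", ALICE_N)
MSG = b"pay Bob 10"
SIG = sign(MSG, ALICE_N, ALICE_D)

if __name__ == "__main__":
    print(check(MSG, SIG, CERT, CA_N, date(2025, 1, 1)))
```

Changing any certificate field, including the public key, invalidates the CA signature, which is why the receiver can trust the key only after that first check passes.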