What is a PKI certificate?
A PKI certificate is a digitally signed document that is comparable with a physical identity card or a passport used in the analog world.
A PKI certificate is a trusted digital identity. It is used to identify users, servers or things when communicating over untrusted networks, to sign code or documents and to encrypt data or communication. A PKI certificate is also called a digital certificate.
Public-key cryptography uses private and public keys, where the certificate is used to prove the ownership of the public key, by storing it together with information about the owner and some administrative data. The certificate is signed by the issuing CA and the signature is attached in the certificate. X.509 is the standard for the most commonly used digital certificate formats.
The purpose of PKI certificates is to create a secure digital world where each certificate works as gatekeeper for secure sharing of digital information.
How to get a PKI certificate
Certificate authorities, such as PrimeKey’s EJBCA, can issue and manage PKI certificates in various formats and for many different use cases. The type of certificate depends on how it will be used. Ideally, choose a flexible CA that supports any required formats and protocols and that is scalable to grow with your needs.
For signing code, documents or ePassports, there are other available tools, such as PrimeKey’s SignServer.
What to use a PKI certificate for
Here are some use cases for PKI certificates:
- Secure network communication, using TLS certificates
- Code and document signing
- Email signing and encryption
- IoT certificates
- Personal authentication