0.18.3: What are digital certificates?

A digital certificate is an electronic document that provides proof of identity for a user. In some ways, using a certificate in the electronic world is like using an ID card in the physical world: the certificate is issued to you, and you need only present it. Authentication typically takes place without intervention by the user, so there are no identifiers and passwords to remember and enter.

A certificate contains encrypted security data. The user must keep a private key (used only by the user) to decrypt the information. If this key is lost or stolen, security can be compromised.
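
The following is an added example, not part of the original page or of any product it names. It shows why the private key must stay with the user: a verifier that holds only the certificate issues a random challenge, and only a signature made with the matching private key checks against that certificate. It assumes the `openssl` command-line tool is installed; the user names, file names and challenge are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: throwaway keys, certificates and challenge, all constructed here.
# The names example-user and other-user are hypothetical.

# Create a private key and a self-signed certificate for a constructed user.
make_identity() {  # $1 = directory, $2 = name
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=$2" -keyout "$1/$2.key" -out "$1/$2.crt" 2>/dev/null
}

# Holder side: sign the verifier's challenge with the private key.
sign_challenge() {  # $1 = private key, $2 = challenge file, $3 = signature out
    openssl dgst -sha256 -sign "$1" -out "$3" "$2"
}

# Verifier side: it holds only the certificate. Extract the public key from it
# and check the signature over the challenge it issued.
verify_holder() {  # $1 = certificate, $2 = challenge file, $3 = signature
    pub=$(mktemp) || return 2
    openssl x509 -in "$1" -noout -pubkey > "$pub" || { rm -f "$pub"; return 2; }
    openssl dgst -sha256 -verify "$pub" -signature "$3" "$2" >/dev/null 2>&1
    rc=$?
    rm -f "$pub"
    return $rc
}

demo() {
    dir=$(mktemp -d) || return 2
    make_identity "$dir" example-user || return 2
    make_identity "$dir" other-user || return 2
    openssl rand -hex 32 > "$dir/challenge"

    sign_challenge "$dir/example-user.key" "$dir/challenge" "$dir/good.sig"
    sign_challenge "$dir/other-user.key" "$dir/challenge" "$dir/bad.sig"

    verify_holder "$dir/example-user.crt" "$dir/challenge" "$dir/good.sig" \
        && echo "holder of the matching private key: accepted"
    verify_holder "$dir/example-user.crt" "$dir/challenge" "$dir/bad.sig" \
        || echo "certificate presented without its private key: rejected"
    rm -rf "$dir"
}

demo
```
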

Certificates require knowledge and effort to administer. Some administrators must issue and maintain large numbers of certificates. Certificates can be managed partially by certificate-authority server software, such as the IBM Vault Registry product or Verisign.