Previous Topic: SSL, Authentication, and CertificatesNext Topic: What a Certificate Proves


What a Certificate Contains

Programs send X.509 certificates to prove that their identity is bound to a public key. This lets other programs encrypt messages knowing that only the subject of the certificate can decrypt those messages.

The contents of an X.509 certificate are as follows:

Associated with the certificate, but kept separate and secure, is the subject's private key. The subject uses the private key to decrypt messages that programs have encrypted with the public key.