How digital certificates work

 

You obtain a digital certificate by sending information to a CA. The X.509 standard defines a format for this information, but some CAs have their own format. Certificate requests are usually generated by the certificate management tool your system uses, for example the iKeyman tool on UNIX systems and RACF on z/OS. The information comprises your Distinguished Name and is accompanied by your public key. When your certificate management tool generates your certificate request, it also generates your private key, which keep secure. Never distribute your private key.

When the CA receives your request, the authority verifies your identity before building the certificate and returning it to you as a personal certificate.

• Obtaining personal certificates
  

• How certificate chains work
  

• When certificates are no longer valid
  

 

Parent topic:

Digital certificates

sy10580_