Digital certificate is a format to declare the identity of the certificate-installer. The format includes information like name, city, state, country, organization etc of the installer.
If a site wants to make itself secure, it installs such a certificate encrypted with the private key on its web-server’s listening port.
Then it publicly distributes the public key (to say browsers).
When the user hits the web-site, the site presents this certificate encrypted with the private key to the browser. Browser decrypts using public key and then it verifies the decrypted content for authentication.
Additionally, the digital certificate encrypted with private key is digitally signed by the CA by the CA’s private key. This step adds another level of security because anyone with CA’s public key can verify that the certificate was indeed issued by the CA. CAs typically add physical form of verification to increase the value of their certificate.
|Email:||(Your email is not shared with anybody)|