SSL: Signed Certificate

SSL - Signed Certificate


The certificate is identical to the certificate request with the addition of the certificate authority’s signature.  The is composed of the endpoint’s distinguished name,  public key and signature. The distinguished name contains details about the certificate bearer including country, state or province, locality, details about the entity the certificate represents, and often an email to contact if there are problems. The public key is needed later to allow the SSL handshake to be performed securely. The signature is generated by digesting the entire certificate and encrypting the digest with the certificate authority’s public key.  The signature ensures the certificate has not been modified since signing and that it was actually signed by the certificate authority.  Thus, certificates provide a measure of trust when signed by a legitimate certificate authority.