A certificate is essentially a digital document issued by a trusted central authority and used by the authority to validate a user’s identity. Central, trusted authorities such as VeriSign are widely used on the Internet to ensure that software from Microsoft, for example, is really from Microsoft, and not from a rogue source.
Certificates are used for multiple functions, such as the following:
• Secured SharePoint site access
• Secured email
• Web-based authentication
• IP Security (IPsec)
• Code signing
• Certification hierarchies
Certificates are signed using information from the subject’s public key, along with identifier information such as name, email address, and so on, and a digital signature of the certificate issuer, known as the certificate authority (CA).