A certificate is a small file containing a key that is used to confirm the identity of the people or services communicating with each other over a network. It ensures that both parties can be confident that they are talking to the right person or service and they can also be used to enable encryption of the communication. They are sometimes also referred to as X.509 certificates, after the international standard that defines them. More commonly they are referred to as Secure Sockets Layer (SSL) certificates. Certificate Authority (CA) A certificate is issued by a certificate authority which is a trusted third-party that validates that the certificate has been issued to the correct institution. The certificate authority 'signs' the certificate to say that it has been correctly issued. Web browsers and other network applications know about many certificate authorities and automatically check and validate the certificates when you open a network connection. Most certificate authorities are commercial companies and their certificates are automatically included in web browsers. The University of Edinburgh maintains its own private certificate authority to enable internal systems to trust each other. This article was published on 2024-10-08