Secure Socket

Secure Socket Layer [SSL] server certificates are installed on a server. This can be a server that hosts a website like www.digi-sign.com, a mail server, a directory or LDAP server, or any other type of server that needs to be authenticated, or that wants to send and receive encrypted data.

Code signing certificates are used to sign software or programmed code that is downloaded over the Internet. It is the digital equivalent of the shrink-wrap or hologram seal used in the real world to authenticate software and assure the user it is genuine and actually comes from the software publisher that it claims.

Client certificates or Digital IDs are used to identify one person to another, a person to a device or gateway, or one device to another device. Client certificates are issued in their thousands and millions each year and would be the principle reason for purchasing a CA.

A person that is given access to a secure online service like a cloud service, an extranet or web portal will be authenticated to the gateway or entry point using a client certificate. This type of strong two factor authentication replaces less secure usernames and passwords currently in use on many websites.

If two routers or a Virtual Private Network [VPN] connection needs to authenticate each other, a client certificate can be used and exchanged to prove the connection is trusted. This type of client authentication occurs deep within the application and is not usually visible to the end user. This type of device-to-device authentication often uses a particular IPSec client certificate.

Also, bespoke applications and hardware seeking to utilize IP technology securely can use digital certificates to authenticate the application and/or for device-to-device authentication.

Digital signatures are used to authenticate documents, files and emails and are the electronic equivalent of a handwritten signature. Digital signatures are issued in their thousands and millions each year and would be another use for a CA.

For example, two people communicating by email will used a client certificate to authenticate or digitally sign their respective communications. This digital signature will assure each person that the email is genuine and comes from the other person. And the same digital signature can be used to sign forms, PDF documents, workflow processes, etc.