PKI Determines How Public Keys Are Tied to Matching Private Keys

A variety of terms are used in connection with digital certificates and with how they are created and used. One is X.509, the current standard that determines the layout of a certificate and the information it contains. Another frequently used term is PKI, which stands for public key infrastructure and concerns how public keys are bound to specific user identities, as well as to their respective private keys. For example, if you use a digital certificate to electronically sign documents, forms or files using a private key, then other users will need a digital certificate with the matching public key in order to authenticate these items. The public and private keys have to be tied together, because whenever authentication is performed, the result produced with one key must match when it is checked with the other. Otherwise, it would not be possible to decrypt the data and complete the authentication process.
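The binding described above, as an added example that is not part of the original article: a certificate authority signs an identity together with a public key, and a verifier accepts a document signature only if it checks out under that certified key. The JSON certificate is a simplified stand-in for X.509, and all names (`issueCertificate`, `verifyDocument`, `alice@example.test`) are assumptions; the code uses Node.js's built-in `crypto` module.

```javascript
// Added example: simplified stand-in for a certificate (JSON, not real X.509).
const nodeCrypto = require('crypto');

const newKeyPair = () => nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' });
const sign = (privateKey, text) =>
  nodeCrypto.sign('sha256', Buffer.from(text), privateKey).toString('base64');
const check = (publicKey, text, sigB64) =>
  nodeCrypto.verify('sha256', Buffer.from(text), publicKey, Buffer.from(sigB64, 'base64'));

// The CA binds an identity to a public key by signing both together.
function issueCertificate(caPrivateKey, subject, subjectPublicKey) {
  const publicKeyPem = subjectPublicKey.export({ type: 'spki', format: 'pem' });
  const body = JSON.stringify({ subject, publicKeyPem });
  return { body, caSignature: sign(caPrivateKey, body) };
}

// A verifier needs the CA public key, the signer's certificate and the signature.
function verifyDocument(caPublicKey, cert, expectedSubject, document, signature) {
  if (!check(caPublicKey, cert.body, cert.caSignature)) return 'untrusted certificate';
  const { subject, publicKeyPem } = JSON.parse(cert.body);
  if (subject !== expectedSubject) return 'wrong identity';
  const certifiedKey = nodeCrypto.createPublicKey(publicKeyPem);
  return check(certifiedKey, document, signature) ? 'valid' : 'signature mismatch';
}

// Constructed sample data: every key, name and document is generated here.
function demo() {
  const ca = newKeyPair(), alice = newKeyPair(), other = newKeyPair();
  const who = 'alice@example.test';
  const doc = 'Constructed sample document';
  const aliceCert = issueCertificate(ca.privateKey, who, alice.publicKey);
  const forgedCert = issueCertificate(other.privateKey, who, other.publicKey);
  return {
    genuine: verifyDocument(ca.publicKey, aliceCert, who, doc, sign(alice.privateKey, doc)),
    altered: verifyDocument(ca.publicKey, aliceCert, who, doc + '!', sign(alice.privateKey, doc)),
    wrongKey: verifyDocument(ca.publicKey, aliceCert, who, doc, sign(other.privateKey, doc)),
    selfIssued: verifyDocument(ca.publicKey, forgedCert, who, doc, sign(other.privateKey, doc)),
  };
}

console.log(demo());
```

Only the first case verifies: a changed document or a signature from a different private key fails against the certified public key, and a certificate not signed by the trusted CA is rejected before its key is used at all.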

PKI Allows Users to Connect to Secure Areas on Websites

Another use for PKI certificates is to authenticate users over public networks, like the internet. When used in this way, the digital certificates contain a public key bound to a private key held by an organization, which is authenticated against whenever a user accesses secure areas of its website. For instance, financial institutions, banks, and credit unions all supply their customers with the ability to perform online banking transactions. To verify that users are who they say they are, users must provide not only a valid user name and password but also the appropriate digital certificate they were issued.