Three Types of Digital Certificate

[1] There are three main types of Digital Certificates, they are:

1. Secure Socket Layer [2] Certificate [SSL] Digi-SSL™

2. Software Signing [Code Signing Certificate] Digi-Code™ [3]

3. Client Certificate [Digital ID] Digi-ID™

• Secure Socket Layer

Secure Socket Layer [SSL] server Certificates are installed on a server. This can be a server that hosts a website like www.digi-sign.com [4], a mail server, a directory or LDAP server, or any other type of server that needs to be authenticated, or that wants to send and receive encrypted data. To automate the entire life cycle of your SSL environment, see the Automated & Authenticated Certificate Delivery™ System [5].



• Code Signing Certificate

Code Signing Certificates are used to sign software or programmed code that is downloaded over the Internet. It is the digital equivalent of the shrink-wrap or hologram seal used in the real world to authenticate software and assure the user it is genuine and actually comes from the software publisher that it claims.



• Client Certificate

Client Certificates or Digital IDs are used to identify one person to another, a person to a device or gateway or one device to another device. Client Certificates are issued in their thousands and millions each year and would be the principle reason for purchasing a CA.

Two people communicating by email will used a client certificate to authenticate or digitally sign their respective communications. This Signature will assure each person that the email is genuine and comes from the other person.

A person that is given access to a secure online service like a database, an extranet or intranet will be authenticated to the gateway or entry point using a Client Certificate. This type of strong two factor authentication [6] replaces less secure usernames and passwords currently in use on many websites.

If two routers or a Virtual Private Network [VPN] connection needs to authenticate each other, a Client Certificate can be used and exchanged to prove the connection is trusted. This type of client authentication occurs deep within the application and is not usually visible to the end user. This type of device-to-device authentication often uses a particular IPSec Client Certificate.
Also, bespoke applications and hardware seeking to utilize IP technology securely can use Digital Certificates to authenticate the application and/or for device-to-device authentication.

Where to get Digital Certificates

All Digital Certificates come from a Certificate Authority [7] which is a computer system that is capable of issuing the different types of Digital Certificate. The online flash presentation of Digi-CA™ [8] explains the benefits in a simple and easy to understand manner.