Contain identifying information about the organization that owns the application.
server must have a digital certificate to use the Secure Sockets Layer (SSL).
Allows clients to use certificates to authenticate to resources instead of user names and passwords.
Used to digitally "sign" an object.
By signing the object, you provide a means by which you verify both the object's integrity and the origination or ownership of the object.
August 8, 2009
: X.509 CERTIFICATE FORMAT August 8, 2009 Signature algo. identifier Period of validity Subject’s pub Key inf Signat-ure version certificate serial num Algorithm parameters Issuer name Not before Not after Subject name Algorithm issuer unique identifier subject unique identifier extension algorithm Parameter Encrypted parameters keys
August 8, 2009 User serial no Certificate serial no Revocation date Certificate revocation list Registration Authority Revocation repository Reg_no Customer ID Date of registration CSR Date Certificate issue date Registration form