X.509
A digital certificate is an electronic document that uses a digital signature to bind a public key to an identity (person, device, or service) — issued and verified by a Certificate Authority (CA).
⚙️ How Does It Work?
The CA verifies the identity of the requesting entity and issues a certificate containing the public key, identity information, validity period, and CA signature. Relying parties trust the certificate because they trust the CA.
📍 Where Is It Used?
TLS/HTTPS (website security), mutual TLS (mTLS) for service-to-service authentication, client certificates for device identity, code signing, email encryption (S/MIME).
💡 Real-World Example
A company's microservices use mutual TLS with X.509 certificates for service-to-service authentication. Each service has its own certificate issued by the internal CA. When Service A calls Service B, both present certificates — verifying each other's identity without passwords.
🔗 Related Terms
Stay Ahead in Identity Security
Get weekly IAM, PAM & IGA insights via Identity Pulse.
Subscribe to Identity Pulse →