What is a Digital Certificate?
A digital certificate is an electronic document that proves the legitimacy of devices, users, and servers. It uses cryptographic algorithms and Public Key Infrastructure (PKI) to authenticate the certificate holder’s identity and encrypt communications over networks.
Purpose of a digital certificate
The primary purpose of a digital certificate is to verify the ownership of a public key. The owner could be an organization, a device, or an individual. By verifying ownership, the certificate authenticates users and devices, facilitates secure communications, ensures data integrity, and supports non-repudiation.
Digital certificates prevent unauthorized access and data breaches, assuring users that their sensitive data is transmitted securely.
Key components
- Public key: The public key is bound to the certificate owner’s identity and is publicly available. It is used to encrypt communication and confirm the validity of digital signatures.
- Private key: The public key is paired with a private key, which is held securely by the owner. This key is used to create digital signatures and decrypt data that has been encrypted with its matching public key.
- Certificate Authority (CA): A CA is the certificate issuer, a trusted third-party agency. The issuer verifies the requester’s identity before generating the certificate, playing a vital role in establishing trust online.
- Subject information: The certificate holds the recipient’s details, including legal name, email address, domain name, locality, and other identifying information. It also includes the CA’s domain name, organization name, and locality.
- Validity period: This specifies the period during which the certificate is effective, indicated by start and end dates.
- Digital signature: This is a cryptographic signature provided by the CA that confirms the identity of the certificate owner and ensures the certificate’s authenticity.
Types of digital certificates
- SSL/TLS certificates: These certificates secure communications between users and servers using the SSL/TLS protocol. A Qualified Website Authentication Certificate (QWAC) is a type of SSL/TLS certificate used under the EU’s eIDAS Regulation. A QWAC ensures a high level of trust and security by meeting stringent regulatory requirements.
- Code signing certificates: Software developers and publishers use these certificates to sign their code and files. This assures users that the files are unaltered and originate from a verified and authentic source.
- Email certificates: Email, or S/MIME, certificates secure email communications. Users can digitally sign and encrypt outgoing emails, ensuring that messages and attachments are not tampered with by a third party.
- Client certificates: These certificates authenticate users and devices to servers. They are commonly used in secure networks to restrict information access to authorized users only.
How the certificate works
- Request: The entity requiring the certificate generates a public-private key pair using a key generation tool. They send a Certificate Signing Request (CSR) to a CA along with their public key and details.
- Issuance: The CA verifies the entity’s details by confirming the accuracy and validity of the information presented. Upon successful verification, they issue a digital certificate which binds the holder’s identity to the public key.
- Installation: The certificate owner installs the certificate on their server, making the public key available.
- Secure communication: When a user wishes to communicate securely, their browser retrieves the public key from the certificate and uses it to encrypt the message. The owner’s server uses the matching private key to decrypt it.
- Verification: When a digital signature is used, the document recipient can verify the signature using the public key and confirm the legitimacy of the message.
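The request, issuance and verification steps above, walked through with the openssl CLI as an added example (not part of the original page). The CA, organization and domain names are constructed placeholders, and a throwaway self-signed root stands in for a real CA.

```bash
#!/usr/bin/env bash
# Added example: Request -> Issuance -> Verification with the openssl CLI.
# Every name here (Example Test Root, www.example.test) is a constructed placeholder.
set -eu
WORK=$(mktemp -d); trap 'rm -rf "$WORK"' EXIT

# Stand-in CA: a self-signed root playing the trusted third party.
make_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
    -subj "/O=Example Test CA/CN=Example Test Root" \
    -keyout "$WORK/ca.key" -out "$WORK/ca.crt" 2>/dev/null
}
# Request: the entity creates its key pair and a CSR carrying the public key.
make_csr() {
  openssl req -new -newkey rsa:2048 -nodes \
    -subj "/O=Example Org/CN=www.example.test" \
    -keyout "$WORK/site.key" -out "$WORK/site.csr" 2>/dev/null
}
# Issuance: the CA signs the CSR, binding subject to public key for 7 days.
issue_cert() {
  openssl x509 -req -in "$WORK/site.csr" -CA "$WORK/ca.crt" -CAkey "$WORK/ca.key" \
    -CAcreateserial -days 7 -sha256 -out "$WORK/site.crt" 2>/dev/null
}
# Relying party: does the certificate chain to the root in file $1, within its dates?
chain_ok() { openssl verify -CAfile "$1" "$WORK/site.crt" >/dev/null 2>&1; }
# Holder: sign file $1 with the private key, which never leaves the holder.
sign_msg() { openssl dgst -sha256 -sign "$WORK/site.key" -out "$WORK/msg.sig" "$1"; }
# Verification: take the public key from the certificate and check file $1.
sig_ok() {
  openssl x509 -in "$WORK/site.crt" -pubkey -noout > "$WORK/site.pub"
  openssl dgst -sha256 -verify "$WORK/site.pub" \
    -signature "$WORK/msg.sig" "$1" >/dev/null 2>&1
}

make_ca; make_csr; issue_cert
openssl x509 -in "$WORK/site.crt" -noout -subject -issuer -dates
printf 'pay invoice 1001\n' > "$WORK/msg.txt"        # constructed message
printf 'pay invoice 9999\n' > "$WORK/tampered.txt"   # altered copy
sign_msg "$WORK/msg.txt"
chain_ok "$WORK/ca.crt"        && echo "chain: trusted"
sig_ok "$WORK/msg.txt"         && echo "signature: valid"
sig_ok "$WORK/tampered.txt"    || echo "tampered message: rejected"
```

The certificate only validates against the root that signed it, so a relying party that does not already trust that root gets no assurance from the certificate alone.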
*Disclaimer: This content does not constitute legal advice. The suitability, enforceability or admissibility of electronic documents will likely depend on many factors such as the country or state where you operate, the country or state where the electronic document will be distributed as well as the type of electronic document involved. Appropriate legal counsel should be consulted to analyze any potential legal implications and questions related to the use of electronic documents.