Last month I wrote about securing email using certificates. You can however do all sorts of other things with certificates, so I thought I would share with you a few of those things. Before I start though I want you to think of a digital certificate not as some weird tech “thingy,” but imagine it is more like the seal a king or noble would stamp onto a letter to sign it or use to identify himself. Like a stamp of your signature, an individual can get a certificate to use from a certificate authority like Verisign once they complete the verification process.
Once you have a certificate, you can use it for lots of things. The first is to be able to sign a document. A PDF requiring a signature can be signed using a digital signature. The public portion of the certificate will be attached to the document. What makes this secure is that you own the certificate and never share the private part of the certificate with anyone else. Along the same idea is that once a document is stamped, it can’t be changed without the document itself showing it is no longer secure, because something changed to invalidate the document since it was stamped with your certificate.
Signing and securing documents isn’t the only thing for which a personal certificate is good. A personal certificate can also be used to identify you. This identification — like a key card at a hotel — can be used to give you access to your computer or resources. The certificate can be used to log you into certain websites securely without ever typing a password. These certificates can be stored securely on the certificate store on your computer or can be loaded onto a flash drive and taken with you. Just don’t lose your flash drive, because that would be like having your wallet stolen or lost and be a potential breach of whatever you are securing with that certificate.
Certificates can be installed on servers and on websites to make sure that any data sent to or from the server is safe and encrypted. When you go to Amazon you may notice that when you check out there is a lock on the address bar or the address bar turns green. This is a visual clue that the server is using a certificate, that the certificate is valid, the server is who it says it is, and that anything sent between your browser and the server is encrypted.
Certificates don’t have to come from big certificate authorities. Chances are you already have everything you need to set up an internal certificate authority right on your windows server. A company can set up internal or internet facing certificate servers and use the certificates generated there for employees, partners, and clients to identify users, secure traffic, and enable internal digital signature and approval processes.
Certificates are versatile and useful in the real world and can be used to make everything you do more secure. Certificates are generally thought of as difficult, confusing, and intimidating…they shouldn’t be. With a little planning and a little help from the right technical person, making use of certificates can be a simple and straight-forward process.