Types of Certificates 6.4 Flashcards
Root Certificate
The public key certificate that identifies the root CA. The root certificate issues other certificates. Intermediate CAs come from a root CA. Access to the root CA allows for the creation of any trusted certificate.
Web Server SSL Certificates
A Domain Validation (DV) certificate is assigned to a web server for SSL encryption.
An Extended Validation (EV) certificate is assigned to sites that have had additional checks verified. The site is awarded a green name to distinguish it.
Web Server SSL Certificates Cont.
A web server certificate that supports many different domains with one certificate is called a Subject Alternative Name (SAN) certificate. It’s an extension of the X.509 certificate standard. It lists additional identification information.
A Wildcard Domain certificate applies to all servers within a domain. For example:
Leo.Limitless.com
Jenny.Limitless.com
www.Limitless.com
could all use a Wildcard Domain certificate.
Self-Signed Certificates
Internal certificates don’t need to be signed by a public CA. Since no external sources are going to use them, you can create your own CA and use it within your own company. This means you don’t have to purchase trust for devices that already trust you.
Machine and Computer Certificates
You have to manage many devices. Oftentimes you’ll never physically see them. In order to trust these devices, you can put an internal certificate on them.
User Certificates
You can associate a certificate with a user. This is essentially a powerful electronic “ID card”. It can be used as an additional authentication factor. This is commonly integrated into smart cards used as both a physical and a digital access card.
Email Certificates
You can use cryptography in an email platform. Email certificates allow us to do that. You use a recipient’s public key to encrypt. The receiver uses their private key to decrypt. Digital signatures allow you to digitally sign an email and verify the authenticity/integrity of the email.
Code Signing Certificate
Developers can provide a level of trust by digitally signing the code they distribute. The user’s OS will examine the signature to see if anything has changed. If the app doesn’t validate, you can stop the execution of the app and contact the dev.