
    Certificate and Private Key

    Published Jul 03, 2025 [  Network  ]

    A certificate and a private key are two essential components in public key cryptography, especially in systems like HTTPS, TLS/SSL, email encryption, and authentication. Here’s a breakdown:


    🔐 Private Key

    • A secret key that must be kept confidential.
    • Used to:

      • Decrypt data encrypted with the corresponding public key.
      • Sign data to prove authenticity and integrity.
    • Example format: PEM (Base64-encoded, starts with -----BEGIN PRIVATE KEY-----)

    📄 Certificate

    • A public document that contains the public key and identity information (e.g., domain name, organization).
    • Issued and digitally signed by a Certificate Authority (CA).
    • Used to:

      • Prove the identity of a server or user.
      • Encrypt data sent to the owner of the certificate.
    • Example format: PEM (Base64-encoded, starts with -----BEGIN CERTIFICATE-----)

    🧩 Relationship

    • The private key and the public key in the certificate form a key pair:

      • Anything encrypted with the public key (in the certificate) can only be decrypted with the private key.
      • Anything signed with the private key can be verified using the public key.

    Example Use Case in HTTPS (TLS):

    1. Server sends its certificate to the client.
    2. Client verifies the certificate via trusted CAs.
    3. Client uses the public key in the certificate to encrypt a secret.
    4. Server uses its private key to decrypt that secret and establish a secure session.
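
The PEM markers from the Private Key and Certificate sections above are enough to tell secret material from public material in a file. The following is an added example, not code from the original post: it scans a PEM bundle and refuses to call it publishable if any private key block is present. The function names and the sample blocks are assumptions constructed for illustration; the samples hold filler bytes, not real keys or certificates.

```python
import base64
import re

# PEM armor: -----BEGIN <label>----- base64 body -----END <label>-----
PEM_BLOCK = re.compile(
    r"-----BEGIN ([A-Z0-9 ]+)-----\r?\n(.*?)\r?\n-----END \1-----",
    re.DOTALL,
)

def classify(label):
    """Map a PEM label to 'secret', 'public' or 'other'."""
    if label.endswith("PRIVATE KEY"):  # PRIVATE KEY, RSA/EC/ENCRYPTED PRIVATE KEY
        return "secret"
    if label in ("CERTIFICATE", "PUBLIC KEY"):
        return "public"
    return "other"

def scan_pem(text):
    """Return one (label, kind, der_length, well_formed) tuple per PEM block."""
    results = []
    for match in PEM_BLOCK.finditer(text):
        label, body = match.group(1), match.group(2)
        try:
            der = base64.b64decode("".join(body.split()), validate=True)
        except ValueError:  # binascii.Error is a ValueError subclass
            der = b""
        # Certificates and PKCS#1/PKCS#8 keys are DER SEQUENCEs (tag 0x30).
        results.append((label, classify(label), len(der), der[:1] == b"\x30"))
    return results

def safe_to_publish(text):
    """True only if the text has PEM blocks and none of them is a private key."""
    blocks = scan_pem(text)
    return bool(blocks) and all(kind != "secret" for _, kind, _, _ in blocks)

def make_pem(label, payload):
    """Wrap constructed bytes in PEM armor (sample data, not real key material)."""
    body = base64.encodebytes(payload).decode().strip()
    return f"-----BEGIN {label}-----\n{body}\n-----END {label}-----\n"

# Constructed placeholders: a DER SEQUENCE header followed by filler bytes.
SAMPLE_CERT = make_pem("CERTIFICATE", b"\x30\x82\x01\x00" + b"\x01" * 96)
SAMPLE_KEY = make_pem("PRIVATE KEY", b"\x30\x82\x02\x00" + b"\x02" * 128)

if __name__ == "__main__":
    # File names are hypothetical labels for the two constructed bundles.
    for name, bundle in (("chain.pem", SAMPLE_CERT), ("mixed.pem", SAMPLE_CERT + SAMPLE_KEY)):
        print(name, scan_pem(bundle), "publishable:", safe_to_publish(bundle))
```

A check like this fits in a pre-commit hook or a deployment step that copies certificate chains to a public location.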