Digital certificates are a proof of an endpoint’s authenticity, like a server or a user. For example, if a browser requests a website, how do we know that the page that’s returned to us is the genuine one? Digital certificates provide the stamp of genuineness by binding the public key with the entity (server or client) that owns it, provided the entity possesses the corresponding private key. Digital certificates are issued by a Certificate Authority (CA).
A digital certificate contains the name of the certificate holder, a serial number, expiration dates, a copy of the certificate holder’s public key (used for encrypting messages and digital signatures) and the digital signature of the certificate-issuing authority (CA) so that a recipient can verify that the certificate is real.