What does a Windows 10 digital certificate do? (original) (raw)
IT pros can build trust into Windows 10 by adding certificates that form trusted connections by confirming the identity of any individuals or entities communicating with the OS.
Usually working behind the scenes, a Windows 10 digital certificate plays an invaluable role in establishing trusted connections across public and private networks between Windows 10 and other entities.
A Windows 10 digital certificate confirms the identity of the individual or entity interacting with the OS, enabling trusted communication by signing email messages, authenticating network connections, facilitating smart card logins and more.
Introducing the digital certificate
A Windows 10 digital certificate provides digital credentials to verify the identities of individuals or entities. Using cryptographic technologies, a certificate allows a Windows 10 user to trust a subject -- the individual or entity that provides the certificate as a form of identification across network connections.
For example, a company might maintain a website that offers a variety of online resources to its partners. To ensure that the partners can safely access those resources, the company might acquire a certificate from a trusted certificate authority (CA) and assign it to the website. The CA is responsible for confirming the identity of the certificate holder. This allows the partners to establish trusted connections. In this case, the company is considered the certificate's subject.
One of the most common use cases for a Windows 10 certificate is to facilitate Secure Sockets Layer connections between web browsers and servers.
A certificate limits the possibility of a malicious user intercepting, counterfeiting or altering communications. Certificates are based on public key cryptography, which uses public and private keys to verify subject identities, as well as to encrypt and decrypt data.
Each certificate contains the public key from the subject's private and public key pair. The subject retains the private key in its own secure environment. As a result, the certificate binds the subject to the key pair, making it possible to authenticate the subject when carrying out secure electronic transactions.
A Windows 10 certificate is based on the X.509 standard defined by the Internet Engineering Task Force. X.509 certificates also include the subject's name, the certificate's period of validity and the issuing CA. Windows certificates also support extended properties to provide additional information, such as the subject's email address or the types of activities the certificate supports.
One of the most common use cases for a Windows 10 certificate is to facilitate Secure Sockets Layer connections between web browsers and servers whether on an internal network or on the internet. IT can also use certificates to secure internal messages and emails, share information, connect applications and services, and more.
Dig Deeper on Windows OS and management
-
private CA (private PKI) 
By: Jason Soroko -
Google drops TrustCor certificates as questions loom 
By: Rob Wright -
X.509 certificate 
By: Alexander Gillis -
3 types of PKI certificates and their use cases 
By: Isabella Harford
Related Q&A from Robert Sheldon
What's the best way to protect against HDD failure?
Whatever the reason for failure, HDDs are hard to repair. Admins need to get out in front of potential issues, like the four described here, to ...Continue Reading
What Microsoft Defender Antivirus features are on Windows?
While there are plenty of viable enterprise-grade third-party desktop security platforms, Microsoft has built out a strong array of native features ...Continue Reading
How should I choose a new server hardware configuration?
It's important to consider current and future business needs when choosing a server to ensure you'll have adequate CPU, memory, storage and network ...Continue Reading