What is a digital certificate?
Digital certificate
Digital certificates on the Internet are similar to ID cards and other documents held by people in society. They are used to prove the identity of the digital certificate holder on the Internet. Digital certificate holders may be natural persons, legal persons in real society, or network equipment. Digital certificates can be simply understood as "network ID cards", used to prove one's identity on the Internet.
Digital certificates and ID cards are issued by specialized organizations. ID cards are usually issued by the Public Security Bureau and bear the official seal of the issuing unit. Digital certificates protected by the Electronic Signature Law are issued by state-licensed third-party digital certification centers (referred to as CA centers), such as Tianwei Integrity Digital Certification Center, which is approved by the Ministry of Information Industry. Digital certificates with CA centers on them Electronic signature to prove the validity of the digital certificate. The digital certification center established under the license and authorization of relevant national departments has credibility on the Internet, and electronic documents such as electronic contracts and electronic orders signed with the digital certificates issued by it have legal effect.
The digital certificate mainly includes the following information: certificate version number, certificate holder information, certificate issuer (CA) information, certificate start and end validity period, certificate serial number, certificate issuer's signature, etc. This information is similar to an ID card. The signature of the certificate issuer on the digital certificate can prevent counterfeiting of the digital certificate itself, which is similar to the official seal on an ID card. However, the digital signature of the certificate issued by the CA center cannot be forged.
Based on the application perspective classification of digital certificates, digital certificates can be divided into the following types:
? Server certificate
The server certificate is installed on the server device. Used to prove the identity of the server and encrypt communications. Server certificates can be used to prevent fake sites.
After installing the server certificate on the server, the client browser can establish an SSL connection with the server certificate, and any data transmitted on the SSL connection will be encrypted. At the same time, the browser will automatically verify whether the server certificate is valid and whether the visited site is a fake site. Sites protected by server certificates are mostly used for password login, order processing, online banking transactions, etc. The most well-known server certificate brand in the world is verisign. The trusted network compiled by its server certificates has covered the world. Currently, the company has cooperated with domestic digital certification companies such as Tianwei Integrity to provide services in China
? Electronics Email Certificates
Email certificates can be used to prove the authenticity of the sender of an email. It does not prove the authenticity of the certificate owner's name identified by the CN item on the digital certificate. It only proves the authenticity of the email address.
When we receive an email with a valid electronic signature, we can not only believe that the email was actually sent from the specified mailbox, but also be sure that the email has not been tampered with since it was sent.
In addition, using the received email certificate, we can also send encrypted emails to the recipient. The encrypted email can be transmitted over an unsecured network, and only the owner of the recipient can open the email.
? Client personal certificate
Client certificates are mainly used for identity verification and electronic signatures.
The secure client certificate is stored in a dedicated u*** key. The certificate stored in the key cannot be exported or copied, and the key's protection password needs to be entered when using the key. Using this certificate requires physically obtaining its storage medium u*** key, and you need to know the key's protection password, which is also called two-factor authentication. This authentication method is currently one of the most secure identity authentication methods on the Internet.
What is managing digital certificates
This means ensuring that your account can only be logged in on the computer with the digital certificate installed. If you apply, you will be prompted to verify via SMS when logging in from other computers. If it is your own computer, just apply for a public one
What does an enterprise digital certificate look like?
Basically, a digital certificate is a security key used to keep confidentiality~~ The following information is provided for your reference. What is the use of enterprise digital certificates?
1. Basic functions
o Identity authentication
On the Internet, the identity of an enterprise has not been very effectively confirmed, which has also become an obstacle to e-government and A major bottleneck in the development of e-commerce. Identity authentication using PKI digital certificate technology relies on the uniqueness of key pair matching in the asymmetric encryption algorithm to ensure the legal identity of the enterprise on the Internet.
o Digital signature
Combined with PKI digital certificate technology, electronic signatures for anti-counterfeiting and anti-repudiation are added to various electronic documents such as Word, Excel, and PDF. And it is embedded into the electronic document in the form of a traditional seal pattern, and the effect is just like a physical signature. However, due to the combination of digital certificates, digital watermarks and other security technologies, its security is higher than that of physical signatures, and it can greatly reduce the cost of paper and delivery of traditional signature documents, and it is also more convenient to use.
2. Practical application
After the industrial and commercial administration department embeds the basic registration information of the enterprise into the "enterprise digital certificate", it can be widely used as an "electronic license":
p>o Online industrial and commercial business
Enterprises that have received the "Enterprise Digital Certificate" can complete annual enterprise inspections for subsequent years through online annual inspections. Enterprises can log in to the industrial and commercial website and complete the online annual inspection form and submit it online. Industrial and commercial staff will complete the annual inspection and notify the enterprise of the annual inspection results. Enterprises can also conduct name inquiries, registration, changes and many other industrial and commercial businesses online.
(Enterprises can consult the local industrial and commercial department to learn whether the above-mentioned online industrial and commercial services have been opened locally.)
o Online license verification
Receive "Enterprise Digital Certificate" Enterprises can log in to Huixin.com to view their electronic license by obtaining a verification code, or issue it to relevant business partners or relevant units to view the content of the enterprise's business license in real time. Obtaining the verification code: Enterprises that receive corporate digital certificates use USB-Key to log in to "Electronic License Holding Members" - click "My License Application" - click "Verification Code Management" - click "Generate New Verification Code". The verification results will be displayed on the web page to determine whether the electronic license is authentic and valid.
o Enterprise information query
Any user of "Enterprise Digital Certificate" will automatically become a certified member of Huixin website. After logging in to the website, users can enter the online query service section to You can query the relevant information of enterprises registered in Zhejiang Province according to the methods and conditions you need, and you can also query the data of some enterprises outside the province.
o E-commerce applications
Electronic licenses have broad application prospects in e-commerce activities, and their most basic application is to identify and confirm the parties involved in e-commerce. legal and valid identity; it can also display its business license through authoritative channels and proprietary technologies, thereby realizing "bright business" online, and these applications can be developed and expanded through the development and expansion of the functions of "electronic licenses" To achieve this (see "Huixin Certification" for details)
o Electronic signature
"Enterprise Digital Certificate" users can use the country's first printable electronic signature function to add electronic signatures to electronic documents. Stamp the company's official seal with digital watermark, and output paper documents with the official seal with digital watermark anti-counterfeiting function through ordinary printers.
3. Performance
o Ensure the security of identity authentication and digital signatures - digital certificates are issued by an authoritative and impartial third-party organization, the CA center, with digital certificates as the The core encryption technology can encrypt and decrypt the information transmitted on the network, digital signature and signature verification, ensuring the confidentiality and integrity of the information transmitted online, the authenticity of the identity of the transaction entity, and the non-repudiation of the signature information, thereby ensuring Web application security.
o Easy to use--USB-Key is easy to carry and easy to use, and can be operated by using a computer anytime and anywhere.
o Efficient and economical work - with the "Enterprise Digital Certificate", companies no longer have to go to the *** office to wait in long queues to handle industrial and commercial and other government-related business. At the same time, The signing of contracts for e-commerce is also much faster, and service costs are greatly saved.
o Establish an image of honest management--Enterprises can shine their business online and no longer fear counterfeiting and being counterfeited. ...
What is a digital certificate? Where to apply? Which unit is it managed by?
You can first learn about the PKI system. You can find a lot of information by searching online.
If you have a digital certificate issued to you by your organization, it means that your organization has built a CA software system (certificate issuing authority), which is generally used by large *** or enterprises and institutions.
In fact, a digital certificate is a string of data, which includes the name, ID number and other information of the user of the digital certificate. It is equivalent to binding the digital certificate to a real person. When you use the digital certificate on the network You can get real personnel information by parsing the digital certificate.
Digital certificates are also divided into several categories, including personnel certificates, server certificates, etc. There are also business certificates. Not the same. Determine based on the digital certificate issuance template.
There are two types of digital certificates: one is a soft certificate, which is installed in IE. One is the certificate generated in the USBKey. The latter ensures the security of the certificate to a certain extent because the private key is generated in the Key and cannot be exported.
The digital certificate management unit is generally managed by the issuing authority of the certificate. For example, if the certificate expires, if it is lost, it needs to be frozen and thawed, re-applied, etc.
What does a digital certificate include?
From the perspective of the objects used for digital certificates, the current types of digital certificates mainly include: personal identity certificates, corporate or institutional identity certificates, payment gateway certificates, and server certificates , corporate or institutional code signing certificate, secure email certificate, personal code signing certificate. Personal identity certificate A digital security certificate that complies with the X.509 standard. The certificate contains personal identity information and the individual's public key, which is used to identify the personal identity of the certificate holder.
The digital security certificate and the corresponding private key are stored in the E-key and are used by individuals to identify their identities in activities such as contract signing, orders, entry review, operation permissions, and payment information online. Enterprise or organization identity certificate is a digital security certificate that complies with the X.509 standard. The certificate contains enterprise information and the enterprise's public key, which is used to identify the identity of the enterprise holding the certificate. The digital security certificate and the corresponding private key are stored in the E-key or IC card and can be used for the company's external activities in e-commerce, such as contract signing, online securities trading, transaction payment information, etc. Payment gateway certificate The payment gateway certificate is a digital certificate issued by the certificate issuance center for the payment gateway. It is the main tool for the payment gateway to implement data encryption and decryption, and is used for digital signature and information encryption. The payment gateway certificate is only used for the services provided by the payment gateway (conversion of various security protocols on the Internet and the bank's existing network data format). Payment gateway certificates can only be used in a valid state. The payment gateway certificate is not transferable by the applicant. Server certificate is a digital security certificate that complies with the X.509 standard. The certificate contains server information and the server's public key. It is used to identify and verify the identity of the server in network communications. Digital security certificates and corresponding private keys are stored in E-key. The server software uses the certificate mechanism to ensure the authenticity, security, trustworthiness, etc. of both parties' identities when communicating with other servers or clients. Enterprise or Institutional Code Signing Certificate A code signing certificate is a digital certificate issued by the CA center to the software provider. It contains the software provider's identity information, public key and CA's signature. The software provider uses a code signing certificate to sign the software and then puts it on the Internet. When the user downloads the software on the Internet, he will be prompted, so that he can be sure of: the source of the software; to modify or destroy. Code signing certificates can sign 32-bit .exe, .cab, .ocx, .class and other programs and files. Secure email certificate A digital security certificate that complies with the X.509 standard, applied through IE or Netscape. The certificate applied with IE is stored in the registry of WINDOWS, and the certificate applied with NETSCAPE is stored in a file in the personal user directory. Used for secure email or to identify yourself to WEB servers (services) that require customer authentication. Personal code signing certificate A personal code signing certificate is a digital certificate issued by the CA center to the software provider. It contains the software provider's personal identity information, public key and CA's signature. The software provider uses a code signing certificate to sign the software and then puts it on the Internet. When the user downloads the software on the Internet, he or she will be prompted, so that they can be sure of: the source of the software; to modify or destroy. Code signing certificates can sign 32-bit .exe, .cab, .ocx, .class and other programs and files. From the technical perspective of digital certificates, certificates issued by the CA center are divided into two categories: SSL certificates and SET certificates. Generally speaking, SSL (Secure Sockets Layer) certificates serve bank-to-business or business-to-business e-commerce activities; while SET (Secure Electronic Transactions) certificates serve card-based consumption and online shopping. Although they are both certificates used to identify identities and digital signatures, their trust systems are completely different and the standards they comply with are also different. Simply put, the role of an SSL certificate is to prove the identity of the holder through a public key. The role of the SET certificate is...
What is a ca digital certificate?
It is like an identification number for your company with the IRS. When filing online Use it to authenticate and directly link it to your national tax account
What is a digital certificate? Why does a registered company need a digital certificate for 5 points?
Digital certificates mark the identity information of communicating parties in Internet communications. A string of numbers provides a way to verify the identity of communicating entities on the Internet. A digital certificate is not a digital ID card, but a seal or seal stamped on the digital ID card by the identity authentication agency (or added to the digital ID card). of a signature). It is issued by an authoritative organization - CA organization, also known as Certificate Authority (Certificate Authority) center. People can use it to identify each other online.
When registering a company, you need to sign some agreements. Now the process of registering a company has been simplified. It no longer requires tedious paper copies, handwritten signatures, etc. When signing these agreements or certain electronic contracts, you can use your personal digital certificate instead of your handwritten signature. When registering a company, if you don’t have a digital certificate, you can check to see if you have a bank’s U-Shield. The U-Shield actually contains your personal digital certificate. As early as when you apply for a bank account, the bank I have authenticated the identity of the individual and given the customer a U-shield if needed, so this U-shield can also be used for signatures.
(However, the Industrial and Commercial Bureau will require that the USB shield must come from specific banks). If you have any questions about the digital certificate, you can consult the WoSign Certificate Issuance Center.
What is the "EZT" digital certificate?
"Yizhengtong" is a digital certificate launched by the Sichuan Provincial Digital Certificate Certification Management Center (referred to as Sichuan CA) that can be used in multiple *** public *** affairs online business systems, including enterprise certificates and personal certificates. For details, you can log in to their website: sicca
The relationship between digital certificates and digital signatures
What is a digital certificate?
Since Internet e-commerce system technology allows online shopping customers to obtain merchant and enterprise information extremely conveniently, it also increases the risk of some sensitive or valuable data being abused. . In order to ensure the security and confidentiality of electronic transactions and payments on the Internet, and to prevent fraud during transactions and payments, a trust mechanism must be established online. This requires that both buyers and sellers participating in e-commerce must have legal identities and be able to be verified effectively online. A digital certificate is an authoritative electronic document. It provides a way to verify your identity on the Internet, functioning similar to a driver's driver's license or an ID card in everyday life. It is issued by an authoritative organization - CA Certificate Authority (Certificate Authority) center, and people can use it to identify each other in Internet communications. Of course, in the process of digital certificate authentication, the role of the Certificate Certification Center (CA) as an authoritative, impartial, and trustworthy third party is crucial.
Digital certificates must also be unique and reliable. In order to achieve this goal, many technologies need to be used. Usually, digital certificates adopt the public key system, which uses a pair of matching keys for encryption and decryption. Each user sets a specific private key (private key) that only belongs to him or her, and uses it to decrypt and sign; at the same time, he sets a public key (public key) and makes it public by himself. Shared by a group of users and used to encrypt and verify signatures. When sending a confidential document, the sender uses the recipient's public key to encrypt the data, and the recipient uses its own private key to decrypt it, so the information reaches its destination safely and without error. Digital means ensure that the encryption process is an irreversible process, that is, only the private key can be used to decrypt it. Public key technology solves the management problem of key release. Users can disclose their public keys while retaining their private keys.
The digital certificate issuance process is generally as follows: the user first generates his or her own key pair and transmits the public key and some personal identity information to the certification center. After verifying the identity, the certification center will perform some necessary steps to ensure that the request is indeed sent by the user. Then, the certification center will issue a digital certificate to the user, which contains the user's personal information and his public key information. , and also includes the signature information of the certification center. Users can use their digital certificates to carry out various related activities. Digital certificates are issued by independent certificate issuing authorities. Digital certificates vary, and each provides a different level of trustworthiness. You can obtain your own digital certificate from a certificate issuing authority.
The current types of digital certificates mainly include: personal digital certificates, unit digital certificates, unit employee digital certificates, server certificates, VPN certificates, WAP certificates, code signing certificates and form signing certificates.
With the popularity of the Internet and the rapid development of various e-commerce activities and e-government activities, digital certificates have begun to be widely used in various fields. Currently, they mainly include: sending secure emails and accessing secure sites. , online bidding, online signing, online ordering, secure online document transmission, online payment, online tax payment, online stock trading, online shopping and online customs declaration, etc.
What is a digital signature? Are digital signatures and electronic signatures the same thing?
The connotations of electronic signatures and digital signatures are different. Digital signatures are one type of electronic signature technology, but the relationship between the two is also very close. The signatures mentioned in the current electronic signature law generally refer to is the "digital signature".
Electronic signature
To understand what an electronic signature is, we need to start with the traditional manual signature or seal. In traditional business activities, in order to ensure the safety and authenticity of transactions, a written contract or official document must be signed and sealed by the parties or their responsible persons, so that both parties to the transaction can identify who signed the contract and ensure the signature or seal. Only by recognizing the content of the contract can the contract be legally recognized as valid. In the virtual world of e-commerce, contracts or documents are expressed and delivered in the form of electronic documents. On electronic documents, traditional handwritten signatures and seals are impossible, which must be replaced by technical means. An electronic technical means of signature that can identify the true identities of both parties in electronic documents, ensure the security, authenticity and non-repudiation of the transaction, and play the same role as a handwritten signature or seal, is called an electronic signature.
?Legally...
What is a device digital certificate?
Digital certificate software digital certificate and hardware digital certificate. To put it simply, software digital certificates are like device usage or operating licenses, hardware certificates are like online banking U-shields, and dongles used in e-commerce.