(DC) Which do I need?
The question "Which do I need?" is answered by asking the question "What do you want to do?". Below, find some examples of common questions and tasks (not exhaustive), that will lead you to the right type of digital certificate that you need. This section will get updated when additional scenarios are discovered.
Keywords | Description | Digital Certificate |
|---|---|---|
| If you run a web server, and you need to encrypt or secure communication between client (web browser) and the server (web server), then you most likely need a SSL (Secure Socket Layer) Certificate. Many web browsers will generate warnings now if you visit insecure websites that utilize the standard http protocol. Securing websites with SSL certificates has become very easy to do, and should be the default. | |
| Do you want to either encrypt or "sign" your emails to ensure that the receipt securely receives the email and knows it came from you, you are most likely looking for a Client Certificate. When people talk about an email certificate, they’re typically referring to a type of X.509 digital certificate that’s used to secure data at rest for email users. Some users prefer terms like “S/MIME certificates” (because they secure MIME data), “email signing certificate,” or “personal authentication certificates,” etc. Regardless of what you want to call it, it’s a useful tool to have at your disposal that enhances the security of your personal or business digital correspondences. That’s because an email certificate is like the modern, high-tech version of a certified letter. You know, if the postal service made it so that a sender could encrypt their message, prove their identity, and also require the recipient to provide a specific piece of validating information that verifies they’re the intended recipient… Okay, so it’s not really like a certified letter. But it does help people send emails while doing those things. | |
| If you are a developer, and you want to ensure the code you deliver is genuine and has not been tampered with, then you are looking for a Code Signing Certificate. Many operating systems (Linux, Windows, MacOS, etc..) are now requiring that all applications be signed otherwise your users will have to jump through hoops to run the software or they will be denied depending on organizational policies. Unsigned applications usually generate errors like this: When a application or code has been signed, you will instead see messages like this: |