Information Services

What is a certificate

A certificate is a small file containing a key that is used to confirm the identity of the people or services communicating with each other over a network.

It ensures that both parties can be confident that they are talking to the right person or service and they can also be used to enable encryption of the communication.

They are sometimes also refered to as X.509 certificates, after the international standard that defines them. More commonly they are refered to as Secure Sockets Layer, or SSL, certificates.

Certificate Authority (CA)

A certificate is issued by a certificate authority which is a trusted third-party that validates that the certificate has been issued to the correct institution. The certificate authority 'signs' the certificate to say that it has been correctly issued. Web browsers and other network applications know about many certificate authorities and automatically check and validate the certificates when you open a network connection.

Most certificate authorities are commercial companies and their certificates are automatically included in web browsers. The University of Edinburgh is also a certificate authority but its certificate is not automatically included in browsers. So if you visit a website using a University certificate then your browser may complain about it. The solution to this is to download and install the University's Certificate Authority Certificate in your browser.

See the section on installing the University CA Certificate for instructions on how to configure your browser to accept university website certificates.