Signing the certificate ======================= Certificate +------------------------------------+ | +--------------------------------+ | | | Subject Identification | | | | Information | | | +--------------------------------+ | | +--------------------------------+ | +-----------------+ | | Subject Public | | | | | | Key Value |-|----->| Message Digest | | +--------------------------------+ | | Algorithm | | +--------------------------------+ | | (e.g. SHA1) | | | Certfication Authoritiy's | | +-----------------+ | | Name | | | | +--------------------------------+ | | | .... | | | +--------------------------------+ | v +--------------+ | | Certification Authority's | | o-------o /Certification / | | Digital Signature |<|-----------|encrypt|<--/ Authority's / | +--------------------------------+ | o-------o / Private Key/ +------------------------------------+ +--------------+ Verifying the certificate ========================= Certificate +------------------------------------+ | +--------------------------------+ | | | Subject Identification | | | | Information | | | +--------------------------------+ | +-----------------+ | +--------------------------------+ | | | | | Subject Public | | | Message Digest | | | Key Value |-|----->| Algorithm | | +--------------------------------+ | | (e.g. SHA1) | | +--------------------------------+ | +-----------------+ | | Certfication Authoritiy's | | || | | Name | | vv | +--------------------------------+ | <> equal == valid | .... | ^^ | +--------------------------------+ | || +--------------+ | | Certification Authority's | | o-------o /Certification / | | Digital Signature |-|---------->|decrypt|<--/ Authority's / | +--------------------------------+ | o-------o / Public Key / +------------------------------------+ +--------------+