Figure 1.8 : O btaining a digital certificate

Let us explain the process shown in figure 1.8:

1. U ser A generates a public and private key-pair or is assigned a key-

pair by an authority in the organization.

2. U ser A requests the certificate from the CA server.

3 . The CA responds with its certificate, and the CA certificate is issued,

which includes its public key and its digital signature signed using its

private key.

4. U ser A gathers all information that is required by the CA server to

obtain its certificate, which could include U ser A’s e-mail address,

fingerprints, and so on that CA needs to be certain that U ser A claims

to be who she is.

5 . U ser A sends a certificate request to the CA, which consists of his

public key and some additional information. This request is signed by

CA’s public key.

6. U pon getting the certificate request, the CA verifies U ser A’s identity

and generates a certificate for U ser A, binding his identity and public

key. The authenticity of the certificate is verified by the CA’s

signature.

7 . The CA issues the certificate to U ser A.