x509Certificate

An X.509 certificate is a digital certificate that binds a public key to an entity’s identity according to the X.509 standard. Issued by a certificate authority or self-signed, it enables authentication, confidentiality, and data integrity in many network protocols and applications, notably TLS/SSL. In software libraries, the term x509Certificate is commonly used to denote an X.509 certificate object.

A certificate contains version, serial number, the issuer’s algorithm and signature, issuer and subject identities, a

Common extensions include subjectAltName, keyUsage, extendedKeyUsage, BasicConstraints (CA flag), AuthorityKeyIdentifier, SubjectKeyIdentifier, and CRLDistributionPoints. Extensions convey constraints

X.509 certificates are encoded in DER and commonly stored or transmitted in PEM format (base64 with header/footer).

Validation requires verifying the issuer’s signature with the issuer’s public key, checking validity dates, and building

X.509 certificates underpin TLS for secure web traffic, as well as code signing, email protection, and other