A certificate is a public key that has been digitally signed by a trusted party in order to prove that it is a valid public key. This trusted party is called a certification authority (CA). In a sense, the CA provides a testimonial that the public key really does belong to the person who owns it.

You can use commercial CAs for a fee, or you can create your own -- it all depends on how much authority you want to wield when proving your identity in the digital realm. If an entity signs its own public key, it's called a self-signed certificate. We use self-signed certificates throughout this tutorial.