A certificate is a digital document issued by a CA that verifies the identity of a certificate subject and binds the identity to a public key. Each certificate has a corresponding private key that is stored separately. The public key and private key form an asymmetric key pair that can be used for data encryption and identity authentication. A CA signs the certificate to verify that entities that trust the CA can also trust the certificate.
Depending on the device capabilities and activation type, devices can use certificates to:
- Authenticate using SSL/TLS when connecting to webpages that use HTTPS
- Authenticate with a work mail server
- Authenticate with a work Wi-Fi network or VPN
- Encrypt and sign email messages using S/MIME protection
Multiple certificates used for different purposes can be stored on a device. You can use certificate profiles to send CA certificates and client certificates to devices.