What Is a Digital Signature? How It Works with Certificates
A digital signature uses a private key to prove a file came from you and hasn't been altered, while a certificate ties that key to a verified identity. How signing and verifying work, what they guarantee, and the certificate types behind HTTPS, code signing, documents, and email.
What Is a CSR? Certificate Signing Request Explained
A CSR (Certificate Signing Request) is a signed PKCS#10 block that carries your public key and identity to a certificate authority — while the matching private key stays on your server. What's inside a CSR, how it becomes a certificate, and the mistakes that stall an order.
What Is a Private Key? SSL Private Keys Explained
A private key is the secret half of your SSL certificate's key pair, generated with your CSR and never shared. Learn what it is, why the CA never sees it, where it lives, how to protect it, and what to do if you lose it.
Symmetric vs Asymmetric Encryption: How TLS Uses Both
Symmetric encryption uses a single shared key; asymmetric encryption uses a public/private key pair. Learn how each works, their trade-offs in speed and key distribution, and why TLS combines both to secure every HTTPS connection.
What Is a Certificate Authority (CA)? How SSL Trust Works
A certificate authority (CA) is the trusted third party that issues SSL certificates and vouches for who controls a domain. Learn how CAs verify identity, sign certificates, earn browser trust through root programs, and can be distrusted when they break the rules.
Self-Signed Certificates: What They Are, Risks, and When to Use One
A self-signed certificate encrypts traffic but proves nothing about identity, so browsers flag it as untrusted. Learn how it differs from a CA-signed certificate, the real risks, when self-signing is fine, and how to create one with OpenSSL.
SSL Certificate File Formats Explained: PEM, PFX, DER & P7B
Learn the difference between PEM, PFX/PKCS12, DER, and P7B SSL certificate formats. Convert between formats with OpenSSL commands and our free converter tool.
SSL Certificate Chain Explained: Intermediate Certificates and How to Fix a Broken Chain
A missing intermediate certificate is the #1 SSL misconfiguration. Learn what the certificate chain is, why Chrome hides the problem while mobile clients fail, and how to fix it on Nginx, Apache, and IIS.
Free SSL Certificates Are Now Live at My-SSL Free
My-SSL Free issues free Let's Encrypt DV certificates with auto-renewal, wildcard support, alerts, and an API. What it does, who it's for, and its limits.
S/MIME Certificate Buying Guide: Personal vs Business
Pick the right S/MIME email certificate for signing and encryption. Compare personal vs business options, check Outlook and Gmail compatibility, and use our 60-second wizard.
SSL Certificates Are Now Limited to 199 Days — Here's What That Means
Starting March 13, 2026, all publicly-trusted CAs must cap SSL/TLS certificate validity at 199 days per CA/Browser Forum Ballot SC-081v3. Here's the timeline and what to do.
SSL Certificates in 2026: What's Changing, Common Errors, and How to Choose the Right Certificate
Comprehensive guide to SSL certificates in 2026. Understand SSL vs TLS, common errors like certificate expired, and how to choose between DV, OV, EV, wildcard, and multi-domain certificates.