Digital Certificate (TLS/SSL)
An electronic document issued by a Certificate Authority that binds a cryptographic key to a domain name, enabling browsers to verify a website's identity and establish an encrypted connection.
Also known as: SSL certificate, TLS certificate, HTTPS certificate, X.509 certificate
Last reviewed: 10 June 2026
A digital certificate tells your browser two things: that communications with the server will be encrypted, and that the server is genuinely operated by the entity named in the certificate. Certificate Authorities (CAs) are trusted third parties that verify domain ownership (for Domain Validation certificates) or organisational identity (for Extended Validation certificates) before signing a certificate. Browsers ship with a built-in list of trusted CAs.
When your browser displays the padlock icon and 'https', it has verified the server's certificate is valid, was signed by a trusted CA, and matches the domain you intended to visit. An attacker who intercepts your traffic and presents a different certificate will trigger a browser warning — this is one of the most important security warnings a browser shows and should never be bypassed.
Free certificate issuance from Let's Encrypt means that phishing sites now routinely have HTTPS and a padlock; the padlock indicates encryption, not legitimacy. Consumers should understand that HTTPS is necessary but insufficient to confirm a site is trustworthy — the domain name itself must also be correct and recognised.