Intro to certificates for macOS Server
A certificate is an electronic document that contains a public key with identification information (name, organization, email address, and so on). In a public key environment, a certificate is digitally signed by a Certificate Authority (CA), or its own private key (the latter being a self-signed certificate).
A public key certificate is a file in a specified format (The Server app uses the x.509 format) that contains:
The public key half of a public-private key pair
The key user’s identity information, such as a person’s name and contact information
A validity period (how long the certificate can be trusted to be accurate)
The URL of someone with the power to revoke the certificate (its revocation center)
The digital signature of a CA, or the key user