What is an X.509 Certificate? SSL/TLS and PKI Explained

An X.509 certificate contains: Version (usually v3), Serial Number (unique identifier from CA), Signature Algorithm (e.g., SHA256withRSA), Issuer (CA that signed the certificate), Validity Period (Not Before and Not After dates), Subject (entity the certificate identifies), Subject Public Key Info (algorithm and public key), and Extensions (v3 only) including Subject Alternative Names, Key Usage, and Basic Constraints. The certificate ends with the CA's digital signature.

X.509 v1 (1988) contained only basic fields like subject, issuer, and validity. X.509 v2 (1993) added issuer and subject unique identifiers, rarely used today. X.509 v3 (1996) introduced extensions, enabling Subject Alternative Names (SANs), Key Usage, Extended Key Usage, Basic Constraints, and CRL Distribution Points. Virtually all modern certificates are v3, as extensions are essential for proper certificate validation and multi-domain support.

Subject Alternative Names (SANs) are an X.509 v3 extension that allows a certificate to be valid for multiple identities—domain names, IP addresses, email addresses, or URIs. For example, a single certificate can cover example.com, www.example.com, and api.example.com using SANs. Modern browsers require SANs; the legacy Common Name (CN) field alone is no longer sufficient for domain validation.

Use OpenSSL to view certificate details: openssl x509 -in cert.pem -text -noout. For remote certificates: openssl s_client -connect domain:443 | openssl x509 -text -noout. On Windows, double-click a .cer file or use certutil -dump cert.cer. Online tools like our X.509 Decoder provide visual analysis. Browser developer tools also show certificate details when clicking the padlock icon.

A certificate chain (or chain of trust) connects your certificate to a trusted root CA through intermediate certificates. Your server certificate is signed by an intermediate CA, which is signed by a root CA trusted by browsers. Browsers must verify each link in the chain. Missing intermediate certificates cause "unable to verify" errors. Always install the complete chain on your server—your certificate plus all intermediate certificates.

A self-signed certificate is signed by its own private key—the issuer and subject are the same entity. Browsers don't trust self-signed certificates and show security warnings. A CA-signed certificate is signed by a Certificate Authority that browsers trust (like Let's Encrypt, DigiCert, or Sectigo). Use self-signed certificates only for development/testing. Production systems require CA-signed certificates for browser trust.

Key Usage specifies permitted cryptographic operations: digitalSignature, keyEncipherment, dataEncipherment, keyAgreement, keyCertSign, cRLSign. Extended Key Usage (EKU) specifies application purposes: serverAuth (TLS server), clientAuth (TLS client), codeSigning, emailProtection. A TLS server certificate typically has Key Usage: digitalSignature, keyEncipherment and EKU: serverAuth. These extensions prevent certificate misuse.

Certificate validity varies by type. Public TLS certificates are limited to 398 days (13 months) as of 2020, and will reduce to 200 days in 2026 and 47 days by 2029 per CA/Browser Forum requirements. Code signing certificates can be valid for 1-3 years. Internal/private CA certificates can have longer validity. Root CA certificates often have 20-30 year lifespans. Shorter validity periods improve security by limiting exposure time if a key is compromised.

When a certificate expires, clients reject connections with errors like "certificate has expired" or "NET::ERR_CERT_DATE_INVALID." HTTPS sites become inaccessible (or show security warnings users must bypass). APIs fail. Email signing/encryption stops working. Expired certificates are a leading cause of outages. Implement automated monitoring with alerts at 30, 14, 7, and 1 day before expiry, and use automated renewal with tools like Certbot or cert-manager.