A certificate is a packet of data that contains a user's public key, in addition to the data that serves to identify the user in the real world (for example, the user's name). Every certificate is created and signed by a trusted entity known as a certification authority.
Because certificates are signed, they can be transmitted over a nonsecure network or stored on nonsecure media. Each time you receive a certificate, you should verify the signature by using the certification authority's public key.
For more information on certificates see Authentication Using Certificates, and Managing Certificates.
Warning If you use the Microsoft Base Cryptographic Provider to create a certification authority, your license to issue certificates is limited to certificates intended for use in the context of your particular application or service.