Certificates provide assurance of the owner of a public key, so
            we use them to prove that we have the correct public key of the
            person or website we are communicating with.

            The whole process can be seen here:

            First of all, Alice gets the certificate containing the public key of
            the person she wants to communicate with (Bob). Alice
            validates that the certificate has not expired and that it is not on
            a certificate revocation list (CRL).






























            Then Alice creates a hash of the message she wishes to send.

            Then Alice signs the hash of the message with her private key.