The whole answer can be found in this article.

    Normally with PKI, everything is ENCRYPTED with the public key found in a machine's x.509 certificate. When the message (or whatever it is) reaches the receiver, it is DECRYPTED with the receiver's private key. So, ENcrypt with public, DEcrypt with private is normal.

    With digital signatures found in x.509 certificates, the opposite is done. Digital signatures are created using a private key and verified using a public key.

    Check out the chart at the bottom of the page at this URL.


Page 1 of 1
  • 1