What is the purpose of a digital certificate?

Digital certificates bind a public key to the identity of its owner. They’re issued by a trusted authority after verifying who the owner is, and they include the owner’s identity, the public key, a validity period, and the issuer’s digital signature. This binding lets anyone who trusts the issuer confirm that a given public key really belongs to that claimed subject, which enables secure connections and authentication. The certificate itself isn’t used to encrypt data; encryption uses the recipient’s public key, which the certificate helps verify. Revocation is handled separately (CRLs/OCSP), and while digital signatures prove message integrity, the certificate’s purpose is to establish who owns the public key, not to guarantee the integrity of messages.