
What is X.509?

X.509 is an ITU-T standard that defines the format of public key certificates. First published in 1988 as part of the X.500 directory services specification, it has become the foundation for identity verification in virtually every encrypted communication on the internet.

A Brief History

The original X.509 v1 (1988) defined the basic certificate structure: subject, issuer, validity, and public key. Version 2 (1993) added issuer and subject unique identifiers, which were rarely used in practice. Version 3 (1996) introduced extensions, making the format flexible enough for the modern internet. Today, every TLS certificate you encounter is X.509 v3.

Where X.509 Is Used

X.509 certificates are not limited to HTTPS. They appear in:

  • TLS/SSL — server and client authentication for web traffic, APIs, and databases.
  • S/MIME — email signing and encryption.
  • Code Signing — Authenticode (Windows), notarization (macOS), and JAR signing.
  • VPN — IPsec and OpenVPN use certificates for peer authentication.
  • Document Signing — PDF digital signatures rely on X.509 chains.

Certificate Anatomy

At the encoding level, an X.509 certificate is an ASN.1 data structure serialized using DER (Distinguished Encoding Rules). The PEM format you commonly see is simply the DER bytes Base64-encoded and wrapped with header/footer lines.

-----BEGIN CERTIFICATE-----
MIIFazCCA1OgAwIBAgIUe... (Base64-encoded DER)
-----END CERTIFICATE-----

Inside, the structure breaks down into three top-level fields:

Certificate
├── tbsCertificate          (the data that is signed)
│   ├── Version             (v3 = 2)
│   ├── Serial Number
│   ├── Signature Algorithm
│   ├── Issuer              (Distinguished Name)
│   ├── Validity            (Not Before / Not After)
│   ├── Subject             (Distinguished Name)
│   ├── Subject Public Key Info
│   └── Extensions          (v3 only)
├── signatureAlgorithm
└── signatureValue

The tbsCertificate (“to be signed”) section contains all certificate data. The issuing CA signs this section, and the resulting signature is stored in signatureValue. Any modification to the tbsCertificate invalidates the signature.

Tip

The version field uses zero-based indexing: v1 = 0, v2 = 1, v3 = 2. If you see Version: 3 (0x2) in a decoder, that is correct.

Relationship to ASN.1 and DER

ASN.1 (Abstract Syntax Notation One) is the schema language that defines the certificate structure. DER is one of several encoding rules for ASN.1 and is the canonical encoding for cryptographic objects because it produces a single deterministic byte sequence for any given value. This matters because the signature covers the exact DER bytes — not a textual representation.
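The anatomy and encoding described above, as an added example that is not part of this page or of the .NET library: a stdlib-only Python DER walker that unwraps PEM, splits the outer SEQUENCE into its three top-level fields, and reads the zero-based version and the serial number out of tbsCertificate. The certificate it parses is a constructed skeleton built by the same block (real tag layout, placeholder contents, fake signature bytes), so it runs offline; the helper names are assumptions.

```python
import base64, re

def tlv(tag, body):          # tiny DER encoder for the sample; short-form lengths (< 128) suffice
    return bytes([tag, len(body)]) + body

def der_int(v):
    return tlv(0x02, v.to_bytes((v.bit_length() + 8) // 8, "big", signed=True))

def sample_pem():            # constructed Certificate skeleton: real tag layout, placeholder contents
    sha256_rsa = tlv(0x30, bytes.fromhex("06092a864886f70d01010b") + tlv(0x05, b""))
    tbs = tlv(0x30, tlv(0xA0, der_int(2))        # [0] EXPLICIT version, v3 encodes as 2
              + der_int(0x1234)                  # serialNumber (constructed value)
              + sha256_rsa                       # signature AlgorithmIdentifier
              + tlv(0x30, b"")                   # issuer Name (empty placeholder)
              + tlv(0x30, tlv(0x17, b"240101000000Z") + tlv(0x17, b"250101000000Z"))
              + tlv(0x30, b"")                   # subject Name (empty placeholder)
              + tlv(0x30, b"")                   # subjectPublicKeyInfo (placeholder)
              + tlv(0xA3, tlv(0x30, b"")))       # [3] extensions (empty)
    sig = tlv(0x03, b"\x00" + b"\xab" * 4)       # BIT STRING: unused-bits octet + fake signature
    b64 = base64.b64encode(tlv(0x30, tbs + sha256_rsa + sig)).decode()
    return f"-----BEGIN CERTIFICATE-----\n{b64}\n-----END CERTIFICATE-----\n"

def parse_tlv(buf, pos=0):
    """Decode one DER TLV (single-byte tag, short or long length form)."""
    tag, ln, pos = buf[pos], buf[pos + 1], pos + 2
    if ln & 0x80:                                # long form: low 7 bits = number of length octets
        ln, pos = int.from_bytes(buf[pos:pos + (ln & 0x7F)], "big"), pos + (ln & 0x7F)
    return tag, buf[pos:pos + ln], pos + ln

def children(body):
    out, pos = [], 0
    while pos < len(body):
        tag, val, pos = parse_tlv(body, pos)
        out.append((tag, val))
    return out

def inspect(pem):
    """Unwrap PEM, walk the three top-level fields, decode version and serial."""
    b64 = re.search(r"-----BEGIN CERTIFICATE-----(.*?)-----END", pem, re.S).group(1)
    tag, body, _ = parse_tlv(base64.b64decode("".join(b64.split())))
    assert tag == 0x30, "Certificate is a SEQUENCE"
    tbs, sig_alg, sig_val = children(body)       # exactly three top-level fields
    fields = children(tbs[1])
    raw_version = 0                              # [0] absent entirely means v1
    if fields[0][0] == 0xA0:                     # [0] EXPLICIT wraps an INTEGER
        raw_version = children(fields[0][1])[0][1][0]
        fields = fields[1:]
    return {"raw_version": raw_version, "version": raw_version + 1,
            "serial": int.from_bytes(fields[0][1], "big", signed=True),
            "tbs_len": len(tbs[1]), "signature": sig_val[1][1:]}  # drop unused-bits octet
```

Feeding a real PEM to inspect() works the same way; tbs_len is the exact byte span a verifier hashes before checking the signature, which is why any change inside it breaks validation.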

As a .NET developer, you typically interact with X.509 through the System.Security.Cryptography.X509Certificates namespace, which handles all ASN.1/DER parsing internally. The X509Certificate2 class is your primary entry point for loading, inspecting, and using certificates in application code.

Ready to inspect a certificate? Try the Decoder tool to paste any PEM and see every field.