A shared or public digital certificate is a file that is used to verify the digital signatures of other files. It works in conjunction with a private certificate and a trusted authority to allow people to use software, view documents, and perform other actions with files without needing to worry about their authenticity.
The private and shared certificates are cryptographically connected. A shared digital certificate can always confirm the authenticity of a private certificate, but cannot be used to reproduce it. Both certificate types are simply files that contain codes and other information.
A private digital certificate is stored in the form of a .pfx file, which mainly contains a private key and a public key (which is later used to create a public certificate). The file itself is not necessarily encrypted, so the privacy of the key depends on the certificate holder. Sometimes, a digital certificate is also called a digital signature when it’s used to sign PDF files. If a .pfx file is leaked, any signatures made with it are invalidated, and new versions of any previously signed files need to be created and signed with a new private certificate.
A shared or public digital certificate is usually a .cer or .crt file. It contains a set of variables, namely a public key used to confirm file signatures, and other metadata, such as information about the certificate authority. Operating systems and browsers usually come pre-packaged with public keys that can verify a wide range of webpages, documents, and software.
Utilities such as Certutil use a .pfx certificate to sign files. Commonly signed formats include .exe, .msi, .pdf, and MS Office suite documents. Signing executable formats, such as .exe, is often done for the purposes of software protection. Often, for improved security, the .pfx file is installed on a specialized USB token. Said token can be used to create a signature, but the .pfx is impossible to extract from it.
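As an added example (not part of the original page and not any vendor's code), the PowerShell function below checks the signature on files such as .exe or .msi and lists the metadata carried by the signer's public certificate, including the issuing certificate authority. The helper name Get-SignatureReport and the sample path are assumptions; Get-AuthenticodeSignature is the built-in Windows cmdlet.

```powershell
# Added example: report Authenticode signature status and signer certificate details.
# Get-SignatureReport is a hypothetical helper name; the sample path below is an assumption.
function Get-SignatureReport {
    [CmdletBinding()]
    param(
        # One or more files or folders to inspect
        [Parameter(Mandatory)]
        [string[]]$Path
    )
    foreach ($file in Get-ChildItem -LiteralPath $Path -File -ErrorAction Stop) {
        # Validates the file hash and the certificate chain against the OS trust store
        $sig  = Get-AuthenticodeSignature -LiteralPath $file.FullName
        # Public certificate of the signer; $null when the file is unsigned
        $cert = $sig.SignerCertificate
        [pscustomobject]@{
            File        = $file.FullName
            Status      = $sig.Status   # Valid, NotSigned, HashMismatch, NotTrusted, ...
            Subject     = if ($cert) { $cert.Subject } else { $null }
            Issuer      = if ($cert) { $cert.Issuer } else { $null }
            Thumbprint  = if ($cert) { $cert.Thumbprint } else { $null }
            NotAfter    = if ($cert) { $cert.NotAfter } else { $null }
            # A timestamp lets a signature stay verifiable after the certificate expires
            Timestamped = $null -ne $sig.TimeStamperCertificate
        }
    }
}

# Sample run against a file that ships with Windows (path is an assumption)
$report = Get-SignatureReport -Path "$env:SystemRoot\System32\notepad.exe"
$report | Format-List

# List only the files whose signature did not validate
$report | Where-Object { $_.Status -ne 'Valid' } | Select-Object File, Status
```

A status other than Valid (for example NotSigned, HashMismatch or NotTrusted) means the file should not be treated as authentic.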
Do you use a USB dongle for file signing? It may be safer than a .pfx file, but it’s also less convenient. Donglify is an alternative to carrying dongles around, since it allows you to connect to them over the Internet. Just connect your device to a computer with a Donglify client and share it.
In addition to being convenient, Donglify is also completely secure. It provides 2048-bit SSL encryption and additional shared sign-in options that don’t require you to compromise your account. Use the free trial to test Donglify with your certificate tokens!