A digital signature (often confused with a digital certificate) is a means to electronically sign a piece of data using a private key in a manner analogous to a hand-written signature. A digital signature, like a hand-written signature, authenticates the data as having been signed by the owner of the private key that was used to create the digital signature.

Digital signatures are not specifically defined in the X.509 standard. They are, however, legally recognized by many countries as a mechanism that typically follows X.509 recommendations to employ asymmetric cryptography and a one-way hashing function to generate the unique code that constitutes the signature.

In a PKI, digital signatures are used to provide data integrity and authorship, and thus provide the basis for the nonrepudiation of message exchange in a PKI. While not digital certificates themselves, they are generated from the asymmetric-key information provided by a server digital certificate.