X.509 is an International Telecommunication Union (ITU) standard that defines the format of public key certificates. These certificates are digital documents that securely associate cryptographic key pairs with identities such as websites, individuals, or organizations. X.509 certificates are used in many Internet protocols, including TLS/SSL, which is the basis for HTTPS, the secure protocol for browsing the web. They are also used in offline applications, like electronic signatures.

The X.509 certificate is a safeguard against malicious network impersonators. When a certificate is signed by a trusted authority, or is otherwise validated, the device holding the certificate can validate documents. It can also use a public key certificate to secure communications with a second party.

The X.509 standard is based on ASN.1, another ITU-T standard, and assumes a strict hierarchical system of certificate authorities (CAs) for issuing the certificates. The X.509 certificate format uses a related public and private key pair to encrypt and decrypt a message.

X.509 certificates are used in numerous protocols to ensure a malicious website doesnt fool a web browser. The X.509 certificate is also used to secure email, device communications, and digital signatures.