Whenever you create digital certificates with a certificate authority system, it uses the X509 standards. These standards are not only used to ensure each certificate has a similar layout and design, but also assigns the keys in the certificate to a specific name, such as a Domain Name System (DNS) entry, used for authentication purposes. During authentication processes, the root in the certificate uses this name and validates itself against this entry. It is important to verify that the entry you supply at creation is valid and correct. In the event you enter an invalid DNS address, the certificate will be unable to be authenticated. Both public keys and private keys require this entry -- otherwise they would not be able to be validated against one another.
Some X509 Digital Certificates Are Preinstalled in Applications and Operating Systems
Some X509 standardized certificates are preinstalled and included with internet browsers, software applications and operating systems from trusted providers. The reason these are included is because they are widely used between numerous users and to issue a certificate each time someone connects using the application or operating system would be redundant. The digital certificates may be updated, from time to time as needed, and are often included in updates supplied by the software manufacturer. Changes to the certificate could be the result of discovering a flaw in the certificate design, which makes it susceptible to hackers or whenever the locations of the authentication address changes. At other times, new certificates have to be issued because the original ones expire and are no longer valid.