This is a beginner's guide to digital certificates. After the session, the participants will have a basic understanding of what a certificate is and how it works based on the public key cryptography technology; why there are different types certificates like SSL certificates, code signing certificates, EV (Extended Validation) certificates... and what differentiate them; how long should a certificate be renewed; how to decide if they need to be issued by a commercial certificate authority (CA), or issued internally. These understandings are important, since z/OS supports digital certificates in different components like RACF, System SSL, LDAP, CICS, Communication Server, WAS, HTTP server. This session will also introduce some common z/OS specific certificate details.