What does a digital certificate certify about an entity?

A digital certificate certifies the ownership of the public key of the named subject of the certificate. This means that the certificate binds the public key presented by the entity to an identity, and this binding is independently verified by a trusted third party, known as a Certificate Authority (CA). The certificate ensures other parties that the public key actually belongs to the entity that claims it. The private key associated with the public key is kept secret by the entity and is not included in the certificate. There is no such thing as certifying the ownership of a symmetric key or a bulk encryption key in the context of digital certificates, as these involve different cryptographic mechanisms.