Is the identity certificate the same as the public key?


Is the identity certificate the same as the public key?

No, a certificate contains a public key but it is not the public key itself.

If not, is the identity certificate considered a secret?

Usually no, usually contains only information not considered secret.

How are they related?

A certificate is the public key to an identity along with more information about the identity and usage restrictions. Everything together is signed by the certificate issuer.

The identity information included depends on the specific use case, but generally contains state, country, organization, name, perhaps email, …. Use restrictions contain the period of time when the certificate is valid, if it can be used for signing, whether it is a TLS server or a client certificate or a certificate authority (CA), etc. The certificate issuer's signature is required to protect the information in the certificate against tampering and also to create a trusted infrastructure that can then be used to verify the certificate; See wikipedia: Public Key Infrastructure for more information.