Digital certificates: What is the difference between encrypting and signing

Question

I am relatively new to PKI, certificates and all related stuff.

As far as I understand in public-key cryptography one encrypt with a public key and decrypt with a pr

Answer 1

As already mentioned in the other answers, public and private key are coupled with each other. Actually in many encryption context you have a pair of numbers with certain properties and can choose which you want to use as private and which as public key. Thus, there is a certain degree of uniqueness here. (Details may vary according to the algorithm in question.)

When talking about PKIs, though, you often do not consider public keys but certificates which essentially are bundles of information (issuer, subject, validity interval, usage constraints, ...) with a public key. When creating certificates, you of course can build different certificates for the same public key.

Thus, while private and public keys essentially are one-to-one, private keys and certificates may be one-to-many.

Maybe this is the cause of your one-to-one confusion.