Each qualified certificate holder has a pair of keys, the private and the public key. The private key allows the generation of a digital signature that is unique to each holder, while the public key is available to anyone.
A document is digitally signed using the private key, while the signature is verified using the signer’s public key. The two keys are linked in such a way that the document signature that was made using the private key can only be verified using the public key from the pair. The structure of the data linking the holder with their key is called a digital certificate.