How do certificates work?
In networking, before we set up an encrypted communication, we need to know that the connection is authentic (safe against manipulation of its messages by a man in the middle).
See this shortened excerpt from Wikipedia (highlight by me):
In 1976, two researchers proposed a key exchange technique (now named after them)—Diffie–Hellman key exchange (D-H). This protocol allows two parties to generate a key only known to them, under the assumption that (...) the two parties have access to an authentic channel
If I understood this right, to ensure the channel is authentic (aka, that the other endpoint is not a man in the middle), we use certificates, which I have not fully grasped. How does the certificate ensure that the endpoint is not the man in the middle? Can the man in the middle not just copy the certificate and forward it to me?
