Todor Kolev wrote:"A website's certificate will have a signature from the CA.
The signature is a hash of the certificate details, encrypted using the CA's private key.
The browser has a stash of known good public keys with which it can verify the signature"
1. How does the CA encrypt the signature hash with the private key? Wasn't the private key for DEcryption?
2. How does the browser use the public keys to verify the signature?