There are two keys involved: public and private key.
The public key is part of the certificate and is transferred over the network. The public key is also the major component used in the device id.
The private key is always kept local and must never be shared with anyone else.
For more insight in how this works, you should read up on asymmetric cryptography.