What is a Certificate Authority (CA)?

A certificate authority (CA) is a trusted entity that manages and issues digital certificates. Digital certificates are electronic documents that bind the identity of the certificate owner to a pair of electronic encryption keys.

The certificate authority is a trusted third-party by both the certificate owner and any other party who relies on the certificate. The signing keys used by the CA must be kept secret to prevent any forging of certificates.

Types of CAs

There are generally two types of CAs:

• Root CA
• Subordinate/intermediate CA

A root CA makes certificates that are used by other subordinate CAs. Hence, root CAs are the root of trust, so their integrity and security are critically important.

Role in internet security

A common use case for certificate authorities is to sign certificates used in HTTPSa secure communication protocol for the Web. CA issues certificates to website owners that they can then present to website visitors to verify their identity.

Certificate authorities issue certificates to applicants based on several factors and steps to verify the identity of the applicants.

Examples of trusted CAs include:

• IdenTrust
• DigiCert
• GlobalSign
• Let’s Encrypt