Certificate Authority
An entity that issues and manages SSL certificates
A Certificate Authority (CA) is a trusted third-party organization that issues, manages, and validates digital certificates for websites, applications, and other digital entities. CAs play a crucial role in the Public Key Infrastructure (PKI) by establishing and maintaining the chain of trust that enables secure communications over the internet.
To become a trusted CA, organizations must undergo rigorous auditing processes and comply with industry standards such as the CA/Browser Forum Baseline Requirements.
Popular Certificate Authorities include:
- Let's Encrypt (free, automated certificates)
- DigiCert (enterprise and high-assurance certificates)
- GlobalSign (global commercial CA)
- Sectigo (formerly Comodo)
- GeoTrust (budget-friendly options)
- Thawte (part of DigiCert)
CAs verify the identity of certificate applicants through various validation methods (Domain Validation, Organization Validation, or Extended Validation) before issuing certificates. They also maintain Certificate Revocation Lists (CRLs) and OCSP responders to handle certificate revocation, and they must follow strict security practices to protect their root keys. The trustworthiness of a CA directly impacts the security and reliability of every certificate it issues.
Where You'll See This Term
This term commonly appears in:
- SSL certificate details pages
- Certificate Authority validation processes
- SSL configuration documentation
- Security audit reports
- Certificate management interfaces