Certificate Authority (CA)

Security+ 🏆 • Cryptography 🔒 • Web Security 🕸️ • Difficulty: free

Definition

A Certificate Authority is a trusted organization that verifies identities and issues X.509 digital certificates, cryptographically binding a public key to a domain, person, or device so others can trust encrypted communications.

Examples

A website obtains a TLS certificate from a public CA; browsers trust it and show the lock icon because the CA’s root is in the browser’s trust store.
A company’s internal CA issues certificates to laptops for Wi-Fi 802.1X and VPN. The gateway checks the client certificate before granting access.

Discover 🔎

CAs sit at the heart of Public Key Infrastructure (PKI). They check proof of control or identity, then sign certificates that say, in effect, “this public key belongs to this subject.” Because operating systems and browsers come with trusted CA root certificates, users can verify servers automatically and establish encrypted, authenticated connections without sharing secrets in advance.

Open the interactive lesson Browse more topics

Tip: The interactive version includes progress tracking, decks, and premium deep dives.