What is a certificate authority?

A certificate authority is a trusted third-party entity that issues digital certificates. A digital certificate verifies that a public key belongs to the individual whose digital signature is on that certificate.

How does a certificate authority work?

Certificate authorities are used in asymmetric encryption to prevent “man-in-the-middle” attacks, in which a malicious party intercepts traffic heading to a server and pretends to be the intended receiver.

Trusted CA certificates are usually stored on the client software, such as a web browser. There is no single provider of CA certificates, and the market is fragmented by country and region.

Back to Glossary