Scanning your connection...
Default PrivacyDefault Privacy
Back to Glossary
Encryption

What is Certificate Authority?

An organization trusted to issue digital certificates that verify the identity of websites, enabling HTTPS encrypted connections.

Also known as: CA

Certificate Authorities (CAs) are the foundation of trust on the web. When you see the padlock icon in your browser, a CA has vouched for the website's identity.

How It Works

  1. Website operator generates a key pair
  2. Sends a Certificate Signing Request (CSR) to a CA
  3. CA verifies the operator's identity and domain ownership
  4. CA signs the certificate with their private key
  5. Browsers trust certificates signed by recognized CAs

Trust Issues

  • Browsers trust ~100+ root CAs by default
  • Any CA can issue a certificate for any domain
  • If a CA is compromised, all certificates it issued are suspect
  • Government-controlled CAs exist (China, Kazakhstan have attempted interception)

Let's Encrypt

Let's Encrypt provides free, automated certificates, making HTTPS accessible to everyone. It issues ~3 million certificates per day.

Certificate Transparency

Public logs of all issued certificates let domain owners detect unauthorized certificate issuance for their domains.

Related Terms

HTTPS

Hypertext Transfer Protocol Secure is the encrypted version of HTTP, the protocol used to transfer data between your browser and websites. HTTPS uses TLS encryption to protect the confidentiality and integrity of data in transit, preventing eavesdropping and tampering.

Public Key Cryptography

A cryptographic system that uses pairs of keys: public keys (which may be disseminated widely) and private keys (which are known only to the owner). This enables secure communication between parties who have never met and forms the basis for digital signatures, key exchange, and encrypted communication.

TLS

Transport Layer Security is a cryptographic protocol designed to provide secure communication over a computer network. TLS encrypts the connection between your browser and web servers, ensuring privacy and data integrity. It's the technology behind HTTPS.

Have more questions?

Use our guided flow to get the right next privacy step for Certificate Authority.

Open Guided Flow