Certificate Authority (CA)

A trusted third-party entity within a network that issues digital certificates and public-private key pairs used for message encryption. The CA verifies the identity of the certificate's owner. The relying party can then trust that the private key is a certificate related to the corresponding public key for that same certificate.

Each certificate authority (CA) has essentially the same security requirements for its protection, but each is capable of issuing certificates for a different purpose, and is operated according to its own separate security (issuance) policy. See also certificate roles.