Certificate Authority (CA)

A trusted third party that issues digital certificates after verifying that the requester controls the domain (DV), belongs to a real organisation (OV), or meets extended identity checks (EV). Major public CAs include Let's Encrypt, DigiCert, Sectigo, and GlobalSign. Browsers and operating systems ship a built-in list of trusted root CAs; any certificate issued by an unknown or revoked CA will trigger a browser security warning. Private CAs are used inside corporate networks for mutual TLS and internal service authentication.