A Certificate Authority (CA) is a trusted third party that
issues digital certificates to provide you with an assurance that
the public key of an entity truly belongs to that entity.
The roles of a CA are as follows:
- On receiving a request for a digital certificate, to verify the
identity of the requester before building, signing
and returning the personal certificate
- To provide the CA’s own public key in its CA certificate
- To publish lists of certificates that are no longer
trusted in a Certificate Revocation List (CRL)
- To provide access to certificate revocation status by operating
an OCSP responder server