Skip to main content
Home/Glossary/Certificate Authority (CA)

Certificate Authority (CA)

A trusted entity that issues, validates, and revokes digital certificates used for secure communications.

Security InfrastructureAlso called: "ca", "certification authority"

Certificate Authorities are the trust anchors of public key infrastructure.

CA responsibilities

  • Validation: Verify identity before issuing certificates.
  • Issuance: Generate and sign digital certificates.
  • Revocation: Maintain Certificate Revocation Lists (CRLs).
  • OCSP: Provide online certificate status checking.

CA hierarchy

  • Root CA: Self-signed, highest trust level.
  • Intermediate CA: Signed by root, issues end-entity certs.
  • End-entity certificate: Issued to servers/users.
  • Certificate chain: Links end-entity to trusted root.

Types of CAs

  • Public CAs: DigiCert, Let's Encrypt, Sectigo.
  • Private CAs: Internal enterprise CAs.
  • Self-signed: No external validation (development only).

CA validation levels

  • DV (Domain Validation): Basic domain ownership.
  • OV (Organization Validation): Verified organization.
  • EV (Extended Validation): Highest scrutiny, green bar.

Certificate Transparency

  • Public logs of all CA-issued certificates.
  • Detects mis-issuance and compromised CAs.
  • Required by browsers for EV certificates.

Related Tools

Related Articles

View all articles
📄

How to Use Claude Code From Your Phone With /remote-control

Claude Code's Remote Control feature lets you steer a coding session running on your machine from your phone, tablet, or browser. Here's how to set it up, when it beats Claude Code on the web, and the security model behind it.

Read article →
📄

How to Recover an Accidentally Closed Claude Code Session

Closed your Claude Code terminal by accident? Your conversation isn't gone. Learn how to resume it with claude --continue and --resume, where transcripts are stored on disk, and how to reopen the closed terminal window itself on macOS and Windows.

Read article →
📄

Gemini CLI Is Being Retired on June 18 — Meet Antigravity CLI

Google is deprecating Gemini CLI and moving developers to the new Antigravity CLI on June 18, 2026. Here's what's actually changing, who's affected, the CI/CD landmine to watch for, and how to migrate before your scripts break.

Read article →
📄

Claude Code's Security-Guidance Plugin: Shift-Left Security That Fixes Code as You Write It

Anthropic's free security-guidance plugin makes Claude Code review and fix vulnerabilities in the same session. Here's what it catches, how to install it, and how to roll org-wide rules across your team.

Read article →

Explore More Security Infrastructure

View all terms

Firewall

A security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.

Read more →

VPN (Virtual Private Network)

An encrypted network connection that creates a secure tunnel between a device and a remote network over the internet.

Read more →
Back to glossary