Home/Glossary/Certificate Authority (CA)

Certificate Authority (CA)

A trusted entity that issues, validates, and revokes digital certificates used for secure communications.

Security InfrastructureAlso called: "ca", "certification authority"

Certificate Authorities are the trust anchors of public key infrastructure.

CA responsibilities

  • Validation: Verify identity before issuing certificates.
  • Issuance: Generate and sign digital certificates.
  • Revocation: Maintain Certificate Revocation Lists (CRLs).
  • OCSP: Provide online certificate status checking.

CA hierarchy

  • Root CA: Self-signed, highest trust level.
  • Intermediate CA: Signed by root, issues end-entity certs.
  • End-entity certificate: Issued to servers/users.
  • Certificate chain: Links end-entity to trusted root.

Types of CAs

  • Public CAs: DigiCert, Let's Encrypt, Sectigo.
  • Private CAs: Internal enterprise CAs.
  • Self-signed: No external validation (development only).

CA validation levels

  • DV (Domain Validation): Basic domain ownership.
  • OV (Organization Validation): Verified organization.
  • EV (Extended Validation): Highest scrutiny, green bar.

Certificate Transparency

  • Public logs of all CA-issued certificates.
  • Detects mis-issuance and compromised CAs.
  • Required by browsers for EV certificates.

Related Tools

Related Articles

View all articles
📄

AI Gateway Guide: What They Are, Why You Need One, and How to Choose

A comprehensive guide to AI gateways — the proxy layer between your app and LLM providers. Compare Cloudflare AI Gateway, Portkey, Helicone, LiteLLM, AWS Bedrock, Azure APIM, and more across pricing, features, and architecture.

Read article →
📄

CDN Showdown: Cloudflare vs CloudFront vs Azure CDN vs Google Cloud CDN

A deep technical comparison of CDN architectures from Cloudflare, AWS CloudFront, Azure CDN/Front Door, and Google Cloud CDN — covering network design, security, pricing, and when to choose each.

Read article →
📄

Object Storage Face-Off: Cloudflare R2 vs S3 vs Azure Blob vs Google Cloud Storage

A deep technical comparison of object storage platforms — Cloudflare R2, AWS S3, Azure Blob Storage, and Google Cloud Storage — covering architecture, egress fees, features, pricing, and migration strategies.

Read article →
📄

DNS Infrastructure Compared: Cloudflare DNS vs Route 53 vs Azure DNS vs Google Cloud DNS

A deep technical comparison of managed DNS services from Cloudflare, AWS Route 53, Azure DNS, and Google Cloud DNS — covering architecture, performance, security, pricing, and strategic implications.

Read article →

Explore More Security Infrastructure

View all terms

Firewall

A security system that monitors and controls incoming and outgoing network traffic based on predetermined security rules.

Read more →

VPN (Virtual Private Network)

An encrypted network connection that creates a secure tunnel between a device and a remote network over the internet.

Read more →
Back to glossary