Explanation
A certificate authority (CA) is a trusted entity that issues digital certificates for websites and other entities.
CAs validate a website domain and, depending on the type of certificate, the ownership of the website, and then issue TLS/SSL certificates that are trusted by web browsers like Chrome, Safari and Firefox. Thus, CAs help keep the internet a safer place by verifying websites and other entities to enable more trust in online communications and transactions. Some of the roles of a CA in a trusted third-party CA certificate are:
To provide validation of certificate requests: A CA verifies the identity and authenticity of the certificate requester before issuing a certificate. The CA may use different methods of validation, such as domain validation, organization validation, or extended validation, depending on the type and level of assurance of the certificate. The CA may also check the revocation status of the certificate or the certificate chain to ensure that the certificate is not expired or revoked.
To issue a CA signed Identity certificates: A CA signs the certificate with its own private key, which attests to the validity and integrity of the certificate. The CA also provides the certificate with a serial number, a validity period, and other attributes. The CA signed certificate can be used by the certificate holder to prove its identity and establish secure connections with other parties.
References:
What is a CA? Certificate Authorities Explained
The Role of Certificate Authorities
The 5 most frequently Asked Questions about Certificate Authority (CA)