What is a Certificate Authority (CA)?

Last updated on 28 Sep 2023, 10:32:37.
Category: All about SSL certificates

SSL SSL Certificaten

How does a Certificate Authority work?

A Certificate Authority (CA) is an organisation that issues digital certificates to persons or corporations after having checked the applicant's identity. The digital certificate is proof that a certain website is owned by a certain organisation, and proof of the website owner's identity, thus inspiring trust to visitors.

Digital certificates are required to encrypt communication between a web server and a visitor's browser. These certificates are commonly called SSL certificates, after the technlogy on which they're based (Secure Sockets Layer), though nowadays web servers mostly use SSL's successor, TLS (Transport Layer Security). More information on how SSL works and on SSL certificates on these pages.

Commercial Certificate Authorities act as a trusted third party, since their root certificates are built-in in users' browsers, and certificates issued by them are therefore trusted by those browsers.

Who are the main CA's?

Symantec

The Symantec group consists of the American market leader Symantec, Geotrust, GeoTrust low-cost daughter RapidSSL and Thawte, with GeoTrust and Thawte positioned mid-market.

GlobalSign

GlobalSign offers high-end certificates, is the European and Japanese market leader, and also fully owns its low-cost subsidiary AlphaSSL.

Digicert

Digicert also moves mid-market with its certificate offerings.

Comodo

Comodo offers a broad range of certificate solutions under its brands PositiveSSL, InstantSSL and EnterpriseSSL.

A lot of smaller certificate authorities are also offering their own certificates under their own brand, such as GoDaddy, Network Solutions, OVH en Gandi. Certificates' reputations are only as strong as their issuer's, and while certificates from the smaller brands will be just as effective in encrypting website to browser communication, they are not as widely known to the general public, and are not apt to inspire the same degree of trust in confidential or financial transactions, such as e-banking and e-commerce. Their main plus is their low cost and their ease of procurement.

You'll find detailed information on each certificate's advantages and disadvantages on the SSL certificates product page.


Related articles

Apache - Disable SSL 2.0, SSL 3.0 and opt fore a modern safe SSL config

This article shows you how to disable the SSL 2.0, SSL 3.0 and older TLS version protocols on your Apache...

Read more

Kinamo mail server settings (mail server cheat sheet)

The following article provides the basic settings and server names (domain names) for the Kinamo mail infrastructure. These settings allow...

Read more

Create an automatic SPAM filter in the Kinamo Webmail

This article explains how you may create a filter that will automatically place SPAM messages in a special folder, so...

Read more

Need extra help?

Were not all your questions answered?
Don't worry, we will be happy to help you via a support request!

Select your language

All languages: