Tags for this FAQ item:
SSL SSL Certificates

To what extent has this article answered your question?

Rated 2 stars, based on 3 votes

What is a Certificate Authority (CA)?

Last updated: 14/01/2016

A Certificate Authority (CA) is an organisation that issues digital certificates to persons or corporations after having checked the applicant's identity. The digital certificate is proof that a certain website is owned by a certain organisation, and proof of the website owner's identity, thus inspiring trust to visitors.

Digital certificates are required to encrypt communication between a web server and a visitor's browser. These certificates are commonly called SSL certificates, after the technlogy on which they're based (Secure Sockets Layer), though nowadays web servers mostly use SSL's successor, TLS (Transport Layer Security). More information on how SSL works and on SSL certificates on these pages.

Commercial Certificate Authorities act as a trusted third party, since their root certificates are built-in in users' browsers, and certificates issued by them are therefore trusted by those browsers.

The Symantec group consists of the American market leader Symantec, Geotrust, GeoTrust low-cost daughter RapidSSL and Thawte, with GeoTrust and Thawte positioned mid-market.

GlobalSign offers high-end certificates, is the European and Japanese market leader, and also fully owns its low-cost subsidiary AlphaSSL.

Digicert also moves mid-market with its certificate offerings.

Comodo offers a broad range of certificate solutions under its brands PositiveSSL, InstantSSL and EnterpriseSSL.

A lot of smaller certificate authorities are also offering their own certificates under their own brand, such as GoDaddy, Network Solutions, OVH en Gandi. Certificates' reputations are only as strong as their issuer's, and while certificates from the smaller brands will be just as effective in encrypting website to browser communication, they are not as widely known to the general public, and are not apt to inspire the same degree of trust in confidential or financial transactions, such as e-banking and e-commerce. Their main plus is their low cost and their ease of procurement.

You'll find detailed information on each certificate's advantages and disadvantages on the SSL certificates product page.