How Can We Help?
In a hierarchical PKI, a Certification Authority who has certified the certificate signature key of another CA, and who constrains the activities of that CA.
SOURCE: SP 800-32; CNSSI-4009
A Certificate Authority (CA) is a trusted entity that verifies the digital identities of people, businesses, and websites. CAs issue digital certificates that authenticate the identities of parties involved in online transactions.
How do CAs work?
- CAs use cryptographic assets to validate digital identities
- CAs can manage, revoke, and renew certificates
- CAs help establish trust in the digital realm by safeguarding sensitive information
What is CA hierarchy?
- A CA hierarchy starts with the root CA at the top
- The root CA issues certificates to intermediate CAs
- Intermediate CAs issue certificates to other CAs or sign end entity certificates
Examples of CAs Actalis, Certum, and Verisign. 
Creating your own CA
- You can create your own CA using OpenSSL
- The steps include:
- Create the root key
- Create a root certificate and self-sign it
- Create the certificate’s key
- Create the CSR (Certificate Signing Request)
- Generate the certificate
- Verify the certificate
