Certificate Authority (CA)

A Certificate Authority (CA) is a trusted organization that issues digital certificates — electronic credentials that verify the identity of websites, people, devices, or organizations. When your browser shows a green padlock for a website, a CA has verified that website's identity and issued it a certificate.

In the DoD, the DoD PKI Certificate Authorities issue certificates for CAC cards, server certificates, and other digital credentials. The trust chain starts with root CAs and extends through intermediate CAs, creating a hierarchy of trust that underpins all PKI-based security.

Why It Matters

Understanding CAs and PKI is important for managing DoD systems that require certificate-based authentication. Ensuring your systems trust the correct CAs and properly validate certificates is essential for secure communications.

Related Resources

CMMC: AC.L2-3.1.9
CMMC: AC.L2-3.1.17
CMMC: AT.L2-3.2.3
CMMC: AU.L2-3.3.9
CMMC: IA.L1-3.5.1
CMMC: IA.L1-3.5.2
CMMC: IA.L2-3.5.3
CMMC: IA.L2-3.5.4