Certificate Authority
A Certificate Authority (CA) is a trusted organization that issues digital certificates after verifying the identity of the certificate applicant, thereby establishing a chain of trust for electronic signatures and secure communications.
What it means
CAs operate within a hierarchical Public Key Infrastructure (PKI). Root CAs are trusted by operating systems and browsers, and they sign intermediate CAs, which in turn issue end-entity certificates to individuals and organizations. When a CA issues a signing certificate, it vouches for the certificate holder's identity. If a CA is compromised or revoked, all certificates it issued become untrusted.
Why it matters for e-signatures
SignOwl's server-side signing infrastructure uses certificates from globally trusted CAs. For qualified signatures under eIDAS, signers must obtain a certificate from a CA that appears on the EU Trusted List (EUTL).
Related terms
Frequently asked questions
How do I know if a CA is trustworthy?
Trusted CAs are included in trust stores maintained by major operating systems (Windows, macOS, Linux) and browsers. EU Qualified Trust Service Providers are listed on the EUTL.
What is certificate revocation?
If a certificate is compromised before expiry, the CA publishes it on a Certificate Revocation List (CRL) or via the Online Certificate Status Protocol (OCSP), signaling that it should no longer be trusted.
Ready to send your first document?
Upload a PDF, add signature fields, and send — your signers get a beautiful page on any device. No accounts, no apps, no friction.
Start free — no card needed