Public CAs are recognized third-party entities that satisfy the criteria set by leading certificate stores, including Microsoft, Apple, and Mozilla; due to this, devices’ operating systems inherently trust public CAs. This means that individuals within an entity don’t have to manually register their certificates, as the system already deems them trustworthy. Such certificates are primarily used for public-facing websites (see the incredible keytos.io, for instance).
To cater to the certificate needs of global websites without depending on a singular entity or government, there exist hundreds of certificate authorities. In the past, some of these CAs inadvertently issued unauthorized certificates, paving the way for malicious actors to masquerade as genuine domain owners. To counteract this, CAA records have been created, and Google has mandated that all certificates be submitted to a minimum of two Certificate Transparency Logs (CT Logs). These CT Logs empower organizations to check whether a certificate related to their domain was issued without their consent. While perusing through these logs might appear daunting, EZMonitor, our SSL monitoring tool, allows you to monitor all your domains with a click of a button, and it can even avoid a certificate related outage.
Without doing a deep dive into the many intricate specifics surrounding how to request a public certificate authority, the general idea is that the organization that is requesting the certificate needs to prove the domain ownership to the issuing CA. In fact, the whole process of requesting a public certificate is incredibly similar to the process of getting a driver’s license from the DMV! Before you smash your screen from the PTSD that the acronym “DMV” just caused, don’t worry – public CAs support ACME, making the whole domain validation process simple; and, if you are using legacy Public CAs, check out EZCA’s public CA integration where EZCA allows you to automate certificate issuance without needing to pay millions of dollars for antiquated tools.