Organizations often want to be able to control the distribution of PKI digital certificates. One way in which they can regulate the distribution is through proper administration of their certificate authority system. Users can submit requests through the system for a digital certificate. Upon receiving the request, the system administrator reviews each one and decides whether to issue the certificate or deny the request.
Options for Using Your Own PKI Certificate Authority System
You will need a PKI certificate authority (CA) system in place when your organization wants to create and issue digital certificates. The CA system can be installed internally on your own server, be run as part of a managed service, or run as a shared CA service through a third party. A shared service is a mixture of both internal and managed services, giving you the design and flexibility to choose which parts of the system are dedicated, hosted and shared.