When you digitally sign a document using your digital signature, you are encrypting the document before sending it off. However, the receiving person has no idea whether they can trust the document without authenticating it. The best way for them to perform the authentication is to obtain a PKI certificate issued by a third party source, which is trusted. This outside party also would have issued your digital signature. By using an outside trusted source, others are able to authenticate your signature and trust the documents really came from you and not someone else.
You Can Approve Requests for A PKI Certificate Containing a Public Key
A certification authority is needed to create a PKI certificate. When these types of certificates are created, they are issued in pairs. The requesting company will receive one certificate with a private key, which should never be shared. The CA will also issue one certificate with a public key, which can be distributed using various methods. One option is to have users request the certificate directly from the CA. Before the CA sends the requester the certificate, you have the ability to approve or deny requests.