CA(Certificate Authority): the full name of the certificate issuing authority, that is, the application, issuance and management institution of digital certificates. Its main functions are: generating key pairs, generating digital certificates, distributing keys, managing keys, etc.

Digital certificate: it is a certificate issued by CA organization (that is, CA certificate mentioned in the question), which contains information such as public key, owner's name of public key, digital signature of CA, expiration date, name of authorized center, serial number of certificate, etc. We can generally understand that a digital certificate is an identity card of an individual or enterprise on the network.

The application of encryption technology in the process of using digital certificates can achieve:

Authentication: The two parties transmitting information in the network can't meet each other, so digital certificates can be used to confirm their identities, instead of being impersonated by others.

Confidentiality: The information is encrypted with a digital certificate, and only the receiver can read the encrypted information, thus ensuring that the information will not be stolen by others.

Integrity: Digital certificates can be used to check whether the transmitted information has been tampered with or lost during transmission.

Non-repudiation: A digital signature with a digital certificate can accurately mark the identity of the signer and verify the content of the signature, so the signer cannot deny the signature and the content of the signature, and its function has the same legal effect as a handwritten signature.