Who issues and signs the website's certificate in public key infrastructure?

• A. A certificate authority issues and signs the website's certificate.
• B. The certificate authority randomly assigns IP addresses.
• C. A certificate authority writes the HTML for the page.
• D. A certificate authority verifies DNS records.

Answer: (A)

In public key infrastructure, trust hinges on a certificate authority that binds a domain to a public key. The authority verifies you control the website, issues a digital certificate for that site, and signs the certificate with its private key. This signature lets browsers verify the certificate using the CA’s public key, establishing a trusted connection during the TLS handshake. If the certificate is valid and matches the domain, the secure connection proceeds.

The other ideas don’t fit because writing HTML, or randomly assigning IP addresses, aren’t related to issuing or signing certificates. Verifying DNS records can be part of domain validation, but it’s not the act of issuing and signing the website’s certificate itself.