Which is the role of a certificate authority in PKI?

In PKI, the role of the certificate authority is to be the trusted issuer that signs and issues digital certificates, which bind a public key to an identity (a person, device, or service). The CA uses its private key to sign certificates, creating a verifiable chain of trust that others can validate with the CA’s public key. It handles issuing, renewing, and revoking certificates and publishes status information so relying parties know whether a certificate is still valid. This function is essential for establishing and maintaining trust in secure communications and services that rely on encryption. The other options don’t fit PKI’s purpose: passwords are part of authentication mechanisms, not certificate issuance; storing web logs is related to logging and auditing, not certificate management; and monitoring network traffic is a security monitoring activity, not a certificate authority’s duty.