A set of policies, processes, server platforms, software, and workstations used for administering public key certificates and public-private key pairs, including the ability to issue, maintain, and revoke certificates.