Asymmetric cryptography (public key) is a mainstay of internet commerce and communication. It has routinely been used for SSL and TLS connection on the web. A typical use is public key encryption, where data in transit is encrypted by anyone holding the public key but can only be decrypted by the holder of the private key. Another use is digital signatures, where a blob of data is signed with a sender's private key and the receiving party can verify the authenticity if they hold the public key.
To assist with providing public keys with confidence, a process known as Public Key Infrastructure (PKI) is used. To guarantee authenticity, trusted third parties known as Certificate Authorities (CA) manage roles and policies to create and distribute digital certificates. Symantec, Comodo, and GoDaddy are the largest public issuers of TLS certificates. X.509 is a standard that defines public key certificate formats. It is the basis of TLS/SSL and HTTPS secure communication. X.509 defines such things as the encryption algorithm used, expiration dates, and the issuer of the certificate.
In the following figure, an example of PKI infrastructure is shown. The CA, RA, and VA systems used and the phases of granting and verifying a key granted for encrypting a message are shown: