About us

National Certification Authority (NCA) of Sri Lanka
The Root CA of National Certification Authority is the highest level Certification Authority in Sri Lanka.
The Public Key Infrastructure (PKI) enables users to achieve transaction confidentiality, integrity authentication and non-repudiation using cryptography technology. The issue of digital certificates is to be performed by authorized third-party certificate service providers (CSPs), as per the provisions of the Electronic Transactions Act No. 19 of 2006 (as Amended).
The National Certification Authority (NCA) is the overall governance as well as the standard setting entity required for the smooth and effective functioning of Certification Service Providers (CSPs). The electronic transactions act no. 19 of 2006 grants authority for a nationally recognized body to perform the function of the NCA.
Pursuant to Gazette Extraordinary, 2147/58, dated 30th October 2019, Sri Lanka Computer Emergency Readiness Team (Sri Lanka CERT) has been designated as the Certification Authority under section 18 of the above Act to perform the functions of the NCA.


To promote confidentiality, integrity, authenticity and reliability of electronic transactions.


To provide a secure environment for electronic transactions through a regulatory framework for the use of digital certificates and facilitate nationwide adoption of the same


  • Provide a regulatory framework for the issue and management of digital identities at an affordable price through authorized Certification Service Providers (CSPs).
  • Establish trust relationships internationally, through governmental, commercial and other channels to widen the acceptance of the root certificate.
  • Adopt internationally accepted technological standards, algorithms and procedures to benefits applied in the generation, management and revocation of digital certificates.
  • Audit Certification Service Providers for compliance with standards and regulations defined within the regulatory framework.
  • Review and revise regulatory framework components as and when needed.

Expected Benefits

The expected benefits through the establishment of root certification authority are:

  • To create a secure and resilient cyber space to all the Sri Lankan citizens
  • To secure the electronic communication within the country as well as between other countries
  • Establish a PKI framework in the country
  • Promote secure e-transaction through awareness and education
  • Cooperation with foreign CA to coordinate operations, exchange experience and technology transfers involving PKI and security including related standards