Certificates and Certification Authorities
Applications such as PGP are an ideal solution for individuals but not for large organisations.
Imagine an organisation with several hundred users. It's not feasible for them all to generate their own keys.
A better way is for the company's IT department to use a certification authority.
A certification authority uses a server that can issue 'digital certificates' to users.
Typically, a network administrator will configure the system to allocate digital certificates to those network users that require them.
If a network administrator sets up their own certificate authority, any certificates issued by it will be trusted within that organisation.
If you need to have the certificate trusted outwith your organisation you need to use a reputable organisation that provides this service.