In order to expose HTTPS services one needs to provide an X509 certificate signed by a certificate authority (CA). Several trusted CAs are globally available and their public keys are by default configured in browsers. Hence, when the browser talks to linkedin.com, for example, it can check whether the LinkedIn’s…