Sign content credentials that travel with every photo, video, and document you publish
A C2PA Certificate lets you attach a cryptographically signed provenance record — a "content credential" — to any media file. Anyone who receives the file can verify its origin, check whether it's been altered, and see an auditable chain of custody from creation to distribution. Built on the open C2PA standard, backed by Adobe, Google, Microsoft, BBC, Reuters, and the Content Authenticity Initiative.
What is a C2PA Certificate?
A C2PA (Coalition for Content Provenance and Authenticity) Certificate is a digital certificate used to sign a C2PA manifest — the structured provenance record embedded in a media file. The certificate proves that the manifest was created by the named entity and hasn't been tampered with since signing.
When a platform, viewer, or tool inspects a content credential, it validates the C2PA certificate signature — confirming the credential is authentic and unaltered.
Key benefits
Provenance from creation
Attach a signed credential at the moment of capture or creation — establishing an unbroken chain of custody.
Tamper detection
Any modification to the file after credentialing breaks the manifest signature — detectable by any C2PA-aware viewer.
AI disclosure
Disclose AI generation or AI assistance in a standardized, machine-readable format — meets EU AI Act and emerging platform requirements.
Open standard
C2PA is supported by Adobe, Google, Microsoft, Intel, BBC, Reuters, Nikon, Leica, and hundreds of other Content Authenticity Initiative members.
Verifiable anywhere
Content credentials can be verified at verify.contentauthenticity.org and in C2PA-aware tools — no proprietary verification system required.
Issued by an authorized CA
SSL is an authorized C2PA certificate issuer — credentials signed with SSL certificates are recognized across the C2PA ecosystem.
Who is it for?
News agencies & wire services
Sign photographs and video at point of capture — downstream publishers and platforms can verify provenance.
Broadcasters & publishers
Authenticate editorial content and disclose AI involvement.
Photographers & videographers
Protect work with verifiable attribution at the file level.
Brands & advertising agencies
Authenticate campaign creative and prove content hasn't been altered.
AI content platforms
Label AI-generated or AI-assisted content in a standardized, compliant format.
Camera & capture tool manufacturers
Embed C2PA signing at the hardware or firmware level.
Request C2PA Certificate access
Contact our C2PA solution architects to design a customized implementation. Our team will confirm your organization’s eligibility, validation requirements, and integration options for embedding C2PA signing into your publishing or capture workflow.
How it works
Compatibility
Photoshop, Lightroom, Premiere
Native C2PA signing support — sign credentials at export across the Creative Cloud suite
c2patool CLI
Open-source command-line tool for signing and verifying C2PA manifests in any workflow
Leica & Nikon cameras
Hardware-level C2PA signing at point of capture — provenance from the moment of creation
Content Credentials verify
verify.contentauthenticity.org — publicly available verification for any C2PA-credentialed content
LinkedIn, Google Search & more
Growing platform support — major platforms implementing C2PA credential display
Compliance & standards
C2PA Specification (v2.x)
SSL issues certificates per the C2PA specification — credentials signed with SSL certificates are recognized across the ecosystem.
EU AI Act
Requires disclosure of AI-generated content — C2PA manifests provide a standardized, machine-readable disclosure mechanism.
Content Authenticity Initiative (CAI)
SSL is a CAI member — C2PA certificates issued by SSL are part of the CAI trust framework.
Frequently asked questions
A C2PA Certificate signs the content manifest — proving it's authentic and unaltered. A CAWG Identity Assertion embeds your verified organizational or personal identity inside the manifest. They complement each other: use both for maximum attribution and trust.
Yes — you can sign existing content with a C2PA manifest. However, provenance established at the point of creation is more authoritative than retroactive signing. Best practice is to sign at capture or creation.
C2PA supports JPEG, PNG, TIFF, WebP, MP4, MOV, MP3, WAV, HEIC, PDF, and others. Support is expanding as the standard matures.
Recipients can verify content at verify.contentauthenticity.org without any special software. C2PA-aware tools (Adobe apps, certain browsers) display credentials inline.
Related products
CAWG Identity Assertions
Add verified organizational or personal identity inside your C2PA manifest — so viewers see who created the content, confirmed by SSL as a trusted CA.
VMC — Verified Mark Certificate
Authenticate your brand in email alongside content distribution — your logo appears in supporting email clients, confirmed by a trusted CA.
IV S/MIME
Verified journalist or individual identity in editorial email — personally signed email from an SSL-validated individual.
