Which description best defines a Certificate Repository?

A certificate repository is a centralized storage location for issued certificates, allowing systems and users to retrieve public certificates to verify identities and establish trust. It holds the public data needed to validate who a certificate belongs to and to build secure communications, without containing private keys. Private keys belong in separate key stores or hardware security modules. It’s not a service that signs certificates—that role is fulfilled by a certificate authority. It’s also not primarily a log of certificate usage, which would be about auditing rather than distributing certificates. The repository ensures the available public certificates can be accessed when needed to validate identities in the PKI.