Certification Authorities (CA) are a critical component of a PKI. All the certificates issued by a CA will become invalid when the (signing) private key of the CA is compromised. Hence it is a very important issue to protect the private key of an online CA. ARECA systems, built on top of threshold cryptography, ensure the security of a CA through a series of defense-in-depth protections. ARECA systems won't be compromised when a few system components are compromised or some system administrators betray. The private key of a CA is protected by distributing different shares of the key to different (signing) components and by ensuring that any component of the CA is unable to reconstruct the private key. In addition, the multi-layer system architecture of ARECA makes it very difficult to attack from outside. Several threshold-cryptography- based methods are proposed in the literature to construct an intrusion tolerant CA, and the uniqueness of ARECA is that it engineers a novel two phase signature composition scheme and a multi-layer CA protection architecture. As a result, ARECA is (a) practical, (b) highly resilient to both insider and outsider attacks that compromise one or more components, and (c) can prevent a variety of outside attacks.