A public key infrastructure (PKI) is a set of roles, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption - wikipedia 
Principle of a public key infrastructure.
Rough outline: A user applies for a certificate with his public key at a registration authority (RA). The latter confirms the user's identity to the certification authority (CA) which in turn issues the certificate. The user can then digitally sign a contract using his new certificate. His identity is then checked by the contracting party with a validation authority (VA) which again receives information about issued certificates by the certification authority.
- wikimedia.org
In cryptography, a PKI is an arrangement that binds public keys with respective identities of entities (like people and organizations).
The binding is established through a process of registration and issuance of certificates at and by a certificate authority (CA). Depending on the assurance level of the binding, this may be carried out by an automated process or under human supervision.
# Methods of certification
Broadly speaking, there have traditionally been three approaches to getting this trust: