Skip to main content

Trusted root certificates are used by a computer or device for secure communications and file/program authentication.

For a program or operating system to be able to cryptographically "trust" a file or remote server it does not know the origin of or have control over, a certificate is issued by a certificate authority. The certificate is itself issued a certificate. The certificates which are not certified are called "root" certificates because there is nothing above them, similar to the root directory of a drive or website. These are in most cases trusted by default by operating systems and web browsers and called "trusted root certificates". Many countries and businesses issue these for their citizens and employees to use in secure communications. Companies like Verisign, Thawte and others maintain trusted root certificates that are then used to trust certificates that are sold to private websites, who use them for HTTPS communicate with web browsers.

Questions that have to do with defective or malfunctioning certificates and certificate errors should have this tag.

Microsoft has a good page on the subject: