[xmlsec] Trusted Root Cert source?

Aleksey Sanin aleksey at aleksey.com
Tue Sep 24 11:12:38 PDT 2002

Usually you get all these certs with any browser or Web Server. For 
example, Apache
stores the root certs in its config folder (check your httpd.conf for 
exact location).
AFAIK, there is no "standard" set of certs. Each product decides whom it 


Moultrie, Ferrell (ISSAtlanta) wrote:

>  How does one go about getting a list of "standard" trusted root certs
>(e.g., Verisign, Thawte, Entrust, etc.) that can be used to validate a
>public key certificate included with a signed document? Obviously there
>is an issue of who do you trust here -- but assuming for these purposes
>you trust all the CA's listed above (and probably other commercial CAs),
>what is the standard way of obtaining the CA certs and then
>building/loading the list of trusted root certs that are acceptible for
>x509 cert verification? Is there a standard repository of such certs or
>do I have to go to each CA in turn and get their current root cert for
>  Ferrell
>Ferrell Moultrie
>  Home-      (770)552-0486   Fax- (770)552-0489  ferrell at moultrie.org
>  Work[ISS]- (404)236-2849   Fax- (404)236-2609  FMoultrie at iss.net
>xmlsec mailing list
>xmlsec at aleksey.com

More information about the xmlsec mailing list