emSign Knowledge Base
  • emSign
  • Getting Started
    • About emSign
    • Why emSign?
    • Key Highlights
      • Root Store Listings
      • Trust
      • Security
    • Certificate Lifecycle and Key Management Platform (CERTInext)
  • emSign CERTInext
    • Overview
    • Getting Started
      • Enterprise Sign up
      • Partner Sign up
      • Retail Customers
      • Multi-factor & Trusted login
        • Multifactor Authentication and Single Sign On
        • Enforce 2FA
        • IP Restrictions
        • Digital Certificate based login
      • Alerts and Notifications
    • User and Group Management
    • Ordering a Certificate
      • As a Customer
        • DV certificates
        • OV Certificates
        • EV Certificates
        • SMIME Certificates
        • Intranet SSL Certificate
        • IGTF Certificates
        • Subscription Plan Coverage for SSL Products
        • Group-based Certificates Ordering
        • Ordering using Custom Fields
      • As a Partner
        • Order for Customers
        • Order for Sub-accounts
      • Requester Approval Workflows
        • EV requests by Authorized Signatory
        • Certificate requests by Administrator
      • Submitting a Certificate Signing Request (CSR)
        • Submit CSR for Pending Orders
        • Replace CSR for Pending Orders
      • Downloading Certificates
        • Download Interim DV
        • Download Certificate
      • Post Order Actions
        • Renew Certificate
        • Revoke an issued Certificate
        • Reissue Certificate
        • Add / Remove SANs for Multi-Domain SSL
    • Management
      • Domains
      • Organizations
      • Orders
      • Products
      • Templates
        • CSR Templates
        • Provisioning Templates
    • Integrations
      • Using APIs to Order
        • REST APIs
        • ACME APIs
      • Tools
        • eMudhra Certificate Utility Tool
        • eMudhra emSign Click Tool
          • Procedure for installing Certificate in HSM
          • Procedure for Attested CSR Generation
      • CA Connectors
    • Billing & Payments
      • Add Credits
      • Invoices
      • Statement (Ledger Statement)
      • Product Price List
    • Reports
      • Orders Report
      • Overall Statistics
      • Certificates Report
      • Key Store Report
      • Key Report
      • Sales Summary
      • Audit Logs
    • Settings
      • Reporting Tags
      • Manage Schedules
      • Custom Fields
    • Certificate Lifecycle Management
      • Discover Certificates
      • emSign CERTInext Bot
    • Key Lifecycle Management
      • Manage Keys
      • Key Profiles
      • Key Store
  • Consent Management
  • Certificate Approval Process
    • Domain Validation (DV) Process
    • Organization Validation (OV) Process
    • Extended Validation (EV) Process
    • User Certificates Process
    • SMIME Certificate Process
    • Qualified Sources
  • Certificate Installation
    • Before you install
    • Browser Compatibility
    • emSign's Security Seal
    • Installing SSL Certificate on IIS
    • Installing SSL Certificate on cPanel
    • Installing SSL Certificate on Amazon Web Services (AWS)
    • Installing SSL Certificate on Apache
    • Installing SSL Certificate on Plesk 12
    • Installing SSL Certificate on NGINX
    • Installing SSL Certificate on Google App Engine
    • Installing SSL Certificate on WHM
    • Installing SSL Certificate on Ubuntu
    • Installing SSL Certificate on Tomcat
    • Installing SSL Certificate on Heroku
    • Installing SSL Certificate on Bigcommerce
    • Installing Root & Intermediate Certificates for Intranet SSL
    • Supported Devices for auto-provisioning of certificates
    • SSL/TLS Server Rating Guide
  • Release Notes
    • Introduction
    • R1619 (07-Apr-2025)
    • R1591 (10-Mar-2025)
    • R1581 (28-Feb-2025)
    • R1553 (31-Jan-2025)
    • R1522 (31-Dec-2024)
    • R1490 (29-Nov-2024)
    • R1460 (30-Oct-2024)
    • R1427 (27-Sep-2024)
    • R1371 (02-Aug-2024)
    • R1354 (16-Jul-2024)
    • R1300 (23-May-2024)
    • R1251 (04-Apr-2024)
    • R1230 (14-Mar-2024)
    • R1196 (09-Feb-2024)
    • R1167 (11-Jan-2024)
    • R1152 (27-Dec-2023)
    • R1139 (14-Dec-2023)
    • R1124 (29-Nov-2023)
    • R1115 (20-Nov-2023)
    • R1101 (06-Nov-2023)
    • R1075 (11-Oct-2023)
    • R1062 (28-Sep-2023)
    • R1046 (12-Sep-2023)
    • R1039 (05-Sep-2023)
    • R1031 (28-Aug-2023)
    • R1024 (21-Aug-2023)
    • R1001 (29-Jul-2023)
Powered by GitBook

© eMudhra. All Rights Reserved.

On this page

Was this helpful?

Export as PDF
  1. Getting Started
  2. Key Highlights

Root Store Listings

A root store is a repository of trusted root certificates used by operating systems, browsers, and other software applications to verify the authenticity of digital certificates. When a Certificate Authority (CA) is included in these root stores, any certificate they issue will be trusted by default on devices and browsers that use those stores. This is a cornerstone of Public Key Infrastructure (PKI), as it ensures that users and organizations can confidently navigate the internet, knowing that their digital connections and documents are backed by verified credentials.

As a global CA, emSign maintains its presence in multiple widely used root stores, ensuring that digital certificates issued by emSign are recognized and trusted by billions of devices worldwide. Below is an overview of emSign’s current root store inclusions and the significance of each program.

Major Root Store Programs

  1. Microsoft Trusted Root Program

    • Scope: Covers Microsoft Windows operating systems (e.g., Windows 10, Windows 11, and their server equivalents) and Microsoft’s products like Internet Explorer and Edge.

    • Importance: Inclusion ensures that emSign certificates are trusted on all supported Windows environments by default, allowing seamless usage in enterprise networks and consumer devices.

  2. Apple Root Certificate Program

    • Scope: Includes macOS, iOS, iPadOS, and Safari.

    • Importance: Being part of Apple’s trust store allows emSign’s certificates to function seamlessly across Apple desktops, laptops, and mobile devices, covering a vast user base in both consumer and business contexts.

  3. Mozilla Root Store

    • Scope: Impacts Mozilla Firefox and derivative browsers or applications using Mozilla’s root store.

    • Importance: Firefox is a popular cross-platform browser, used extensively on Windows, macOS, Linux, and Android. Inclusion here ensures that emSign certificates work smoothly across diverse computing environments.

  4. Android Root Store

    • Scope: Governs the vast Android ecosystem—smartphones, tablets, and other devices running Android OS.

    • Importance: With a significant share of the global mobile market, inclusion in the Android root store means that emSign certificates are trusted on devices from a wide array of manufacturers.

  5. Java (Oracle) Root Store

    • Scope: The Java platform and applications that rely on Java’s default keystore (cacerts).

    • Importance: Many enterprise and server-side applications depend on Java’s trust store. Being included here ensures smooth integrations where Java-based applications must validate or use emSign-issued certificates.

  6. Other Trusted Root Programs

    • Linux Distributions: Some popular distributions (e.g., Ubuntu, Red Hat, Fedora) maintain their own certificate bundles, often synchronized with Mozilla’s root store.

    • Third-Party Browsers: Many browsers base their trust store on existing programs (like Mozilla’s or Microsoft’s), effectively extending the coverage of emSign’s root certificates.

Note: The specific coverage and update cycles differ by platform; some devices or operating systems may require manual updates to trust the latest root CAs.

PreviousKey HighlightsNextTrust

Last updated 4 months ago

Was this helpful?

For more information on emSign's inclusion in specific root stores, feel free to check or reach out to our support team.

ccadb