Usually you get all these certs with any browser or Web Server. For example, Apache stores the root certs in its config folder (check your httpd.conf for exact location). AFAIK, there is no "standard" set of certs. Each product decides whom it trusts.
Aleksey Moultrie, Ferrell (ISSAtlanta) wrote: > How does one go about getting a list of "standard" trusted root certs >(e.g., Verisign, Thawte, Entrust, etc.) that can be used to validate a >public key certificate included with a signed document? Obviously there >is an issue of who do you trust here -- but assuming for these purposes >you trust all the CA's listed above (and probably other commercial CAs), >what is the standard way of obtaining the CA certs and then >building/loading the list of trusted root certs that are acceptible for >x509 cert verification? Is there a standard repository of such certs or >do I have to go to each CA in turn and get their current root cert for >inclusion? >Thanks! > Ferrell > >---------------------------------------------------------------- >Ferrell Moultrie > Home- (770)552-0486 Fax- (770)552-0489 [EMAIL PROTECTED] > Work[ISS]- (404)236-2849 Fax- (404)236-2609 [EMAIL PROTECTED] >_______________________________________________ >xmlsec mailing list >[EMAIL PROTECTED] >http://www.aleksey.com/mailman/listinfo/xmlsec > > _______________________________________________ xmlsec mailing list [EMAIL PROTECTED] http://www.aleksey.com/mailman/listinfo/xmlsec
