ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Trusted Certificate Authorities when enforcing TLS with Email Security.cloud

book

Article ID: 161437

calendar_today

Updated On:

Products

Email Security.cloud

Issue/Introduction

You need information on the Certificate Authorities (CA) that are trusted by the Symantec Email Security.cloud service when enforcing TLS using Strong certificate validation.

A CA is a trusted third-party organization or company that issues digital certificates. These certificates are used to create digital signatures and public-private key pairs.

The role of the CA is to guarantee that the company or individual granted the unique certificate is, in fact, who they claim to be. CAs are a critical component in data security as they guarantee the identity of the two parties exchanging information.

Resolution

Example:

Organization

  • Common name

 

Trusted CAs

AC Camerfirma S.A.

  • Global Chambersign Root - 2008

Actalis S.p.A.

  • Actalis Authentication Root CA

AffirmTrust

  • AffirmTrust Commercial

Amazon

  • Amazon Root CA 1

Atos

  • Atos TrustedRoot 2011

A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH

  • A-Trust-nQual-03

Baltimore

  • Baltimore CyberTrust Root

CESCA Root Certification Authority

  • CESCA

Chunghwa Telecom Co., Ltd.

  • ePKI Root Certification Authority
  • ePKI Root Certification Authority - G2

COMODO CA Limited

  • COMODO Certification Authority
  • COMODO RSA Certification Authority

Comodo CA Limited

  • AAA Certificate Services

Cybertrust, Inc

  • Cybertrust Global Root

Dhimyotis

  • Certigna Root CA
  • Certigna

DigiCert Inc

  • DigiCert Assured ID Root CA
  • DigiCert Global Root CA
  • DigiCert High Assurance EV Root CA
  • DigiCert Global Root G2
  • DigiCert Global Root G3

Digital Signature Trust Co.

  • DST Root CA X3

D-Trust GmbH

  • D-TRUST Root Class 3 CA 2 2009

Entrust, Inc.

  • Entrust Root Certification Authority
  • Entrust Root Certification Authority - G2

GeoTrust Inc.

  • GeoTrust Primary Certification Authority - G3
  • GeoTrust Primary Certification Authority
  • GeoTrust Global CA

GlobalSign

  • GlobalSign

GlobalSign nv-sa

  • GlobalSign Root CA

GoDaddy.com, Inc.

  • Go Daddy Root Certificate Authority - G2

Hongkong Post

  • Hongkong Post Root CA 1

IdenTrust

  • IdenTrust Commercial Root CA 1
  • IdenTrust Public Sector Root CA 1

IPS Certification Authority s.l. ipsCA

  • ipsCA Global CA Root

NetLock Halozatbiztonsagi Kft.

  • NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado

NetLock Kft.

  • NetLock Arany (Class Gold)

Network Solutions L.L.C.

  • Network Solutions Certificate Authority

QuoVadis Limited

  • QuoVadis Root CA 2
  • QuoVadis Root CA 3
  • QuoVadis Root CA 2 G3

SECOM Trust Systems CO.,LTD.

  • Security Communication RootCA2

SECOM Trust.net

  • Security Communication RootCA1

SecureTrust Corporation

  • SecureTrust CA

Staat der Nederlanden

  • Staat der Nederlanden EV Root CA
  • Staat der Nederlanden Root CA - G3

Starfield Technologies, Inc.

  • Starfield Root Certificate Authority - G2
  • Starfield Class 2 Certification Authority

StartCom Ltd.

  • StartCom Certification Authority

SwissSign AG

  • SwissSign Platinum CA - G2
  • SwissSign Silver CA - G2
  • SwissSign Gold CA - G2

Symantec Corporation

  • Symantec Class 1 Public Primary Certification Authority - G6
  • Symantec Class 2 Public Primary Certification Authority - G6

TAIWAN-CA

  • TWCA Root Certification Authority
  • TWCA Global Root CA

TC TrustCenter GmbH

  • TC TrustCenter Class 2 CA II
  • TC TrustCenter Class 3 CA II
  • TC TrustCenter Universal CA I

TDC

  • TDC OCES CA

TeliaSonera

  • TeliaSonera Root CA v1

thawte, Inc.

  • thawte Primary Root CA - G3
  • thawte Primary Root CA

The Go Daddy Group, Inc.

  • Go Daddy Class 2 Certification Authority

The USERTRUST Network

  • USERTrust RSA Certification Authority

TRUST2408

  • TRUST2408 OCES Primary CA

Trustis Limited

  • Trustis FPS Root CA

T-Systems Enterprise Services GmbH

  • T-TeleSec GlobalRoot Class 2
  • T-TeleSec GlobalRoot Class 3

T-Systems International GmbH

  • TeleSec ServerPass Class 2 CA

Unizeto Sp. z o.o.

  • Certum CA

Unizeto Technologies S.A.

  • Certum Trusted Network CA

Vaestorekisterikeskus CA

  • VRK Gov. Root CA

VeriSign, Inc.

  • VeriSign Universal Root Certification Authority
  • Class 3 Public Primary Certification Authority
  • Class 3 Public Primary Certification Authority - G2
  • Class 4 Public Primary Certification Authority - G2
  • VeriSign Class 3 Public Primary Certification Authority - G5

Vodafone

  • Criminal Justice IT Root CA (CJSM)

Additional Information

If a particular CA/CN pair that is required for the successful email exchange via TLS enforcement is missing. Please let our support team know via a support case.