Skip to main content

Creating a positive user experience

Public Trust

When selecting a TLS/SSL certificate, a critical consideration is whether or not the issuing Certification Authority (CA) of the certificate is “natively trusted” in common browsers.  Another term for native trust is “Public Trust”.  IdenTrust TLS/SSL certificates are compliant with the requirements defined by the Certification Authority Browser Forum (CA/B Forum), which is necessary to become a natively trusted CA in browsers.  IdenTrust is accredited with the major browser providers, allowing certificates issued by IdenTrust to be natively trusted.

When the issuer  of a TLS/SSL certificate is not natively trusted, the website visitor may be presented with confusing warnings and may be required to accept a message indicating that the server certificate is unknown.  With IdenTrust TrustID certificates, this situation is completely eliminated. 

To purchase an IdenTrust TLS/SSL certificate, select Buy Now

U.S. Government Trust

Government Trusted TLS/SSL certificates are typically used within government environments. IdenTrust offers a DoD ECA TLS/SSL certificate for this purpose. However, in order for a TLS/SSL certificate to be natively trusted, the certificate root chain must be installed in the end-user's browser. Some root chains, such as Federal Bridge, under which DoD ECA certificates are issued, are not automatically installed in browsers (not publicly-trusted). This means that end-users who do not have the  Federal Bridge may receive an error message As a result, if public-trust is also required, then each end-user would need to manually add the DoD ECA root chain to the browser. 

Essentially, based on the fact that the Federal Bridge root is no longer automatically included in common browsers (FPKI Announcement), there are no TLS/SSL offerings that are both automatically government and publicly trusted.

To purchase a DoD ECA TLS/SSL certificate, select Buy Now

Specifications

IdenTrust TLS/SSL certificates can be installed in any server that supports X.509 certificates.

IdenTrust TLS/SSL certificate are natively trusted with the following browsers:

  • Apple® Safari (for OSX and iOS)
  • Blackberry®
  • Google® Chrome (for Windows®, Apple® OSX and Android®)
  • Microsoft® Internet Explorer and Edge
  • Mozilla® Firefox (in Windows®, Apple® OSX and Linux® environments)
  • Oracle® Java

See the full IdenTrust CA Compatibility.


To purchase an IdenTrust TLS/SSL certificate, simply select BUY NOW and use our Certificate Selection Wizard to determine the best certificate for your application.