How to check if installed Trusted CAs are not dangerous?

Asked Feb 10 '19 at 11:19

Active Feb 10 '19 at 11:24

Viewed 206 times

I've checked my Windows 7 installed Trusted Certificate Authorities using MMC tool as below:

Questions are:

How can I be sure that they are genuine and are installed by Microsoft and not by a third-party software which I have installed on my Windows?
What certificates I should check? Is that enough to check Trusted Root Certificate Authorities only or I need to check other directories in above picture too?
Does Google Chrome and Firefox use these Certificates to verify website's certificates or they have their own CA certificates?

asked Feb 10 '19 at 11:19

Ebrahim Ghasemi

1

And as for question #3: Chrome uses the systems CA store and Firefox comes with its own. – Steffen Ullrich Feb 10 '19 at 11:25
@SteffenUllrich I searched almost all the above certificate's Thumbprints in www.crt.sh, but nothing found. Why? – Ebrahim Ghasemi Feb 10 '19 at 12:10
This is a different question than your original one and should thus be asked as a new question and not a comment. In this question you should also provide more details, i.e. not "almost all" but the specific certificates you expected to be available there and why. – Steffen Ullrich Feb 10 '19 at 12:56

0 Answers0