In the fields of cryptography and computer security, a root certificate is an unsigned public key certificate or a self-signed certificate.

The root certificate is the certificate issued to itself by the CA certification center and is the starting point of the trust chain. Installing the root certificate means trusting this CA certification center.

Technically speaking, the certificate actually contains three parts, the user’s information, the user’s public key, and the CA center’s signature on the information in the certificate. The authenticity of a certificate must be verified (i.e. To verify whether the signature of the certificate information by the CA center is valid), you need to use the public key of the CA center to verify, and the public key of the CA center exists in the certificate that signed this certificate, so you need to download the certificate, but use this certificate Verification requires first verifying the authenticity of the certificate itself, so it must be verified with the certificate that issued the certificate. This forms a certificate chain relationship. Where does this certificate chain end? The answer is the root certificate. The root certificate is a special certificate whose issuer is itself. Downloading the root certificate indicates that you trust all certificates issued under the root certificate, and technically it establishes a verification The chain of certificate information ends when the verification of the certificate is traced back to the root certificate. Therefore, users must download the root certificate before using their own digital certificate.