A root certificate is part of a PKI CA system and involves establishing trust between different types of certificates. There are different methods for establishing this trust. One method is direct and is common when these types of certificates come pre-installed, like when you purchase a new computer or software application. In order to save you time, and eliminate having to request certificates, you are able to trust the certificate because you know where it came from, meaning either the computer or software manufacturer.
A Root Certificate May Be Authenticated Through a Hierarchical System
Another method for establishing trust with a root certificate is common when your organization uses a hierarchical system. In this set up, a user’s certificate is validated through a series of trees and branches, until it is able to find an occurrence of this type of certificate which is able to be authenticated. Once authenticated, it sends the authentication back through the different trees and branches until it reaches the user’s computer.