Trust Anchor Store


Trust Anchor Store is defined in RFC 6024 as a set of one or more Trust Anchors stored in a device. A Trust Anchor Store may be managed by one or more Trust Anchor Managers. A device may have more than one Trust Anchor Store, each of which may be used by one or more applications.

Trust Anchor Store which may be called many other things.

certificate trust list[1]#

Microsoft uses certificate trust list:

certificate trust list (CTL) A predefined list of items that have been signed by a trusted entity. A CTL can be anything, such as a list of hashes of certificates, or a list of file names. All the items in the list are authenticated (approved) by the signing entity.


A Java KeyStore (JKS) is the Trust Anchor Store used in Java


Apple uses KeyChain to represent Trust Anchor Store.

More Information#

There might be more information for this subject on one of the following: