This document contains information about how to configure TLS (a.k.a. SSL) certificates.
TLS certificates are used to ensure secure communications (e.g., over a HTTPS channel).
Normally, applications are pre-configured to rely on a database of trusted certificate authorities (CAs). Under the following conditions an application may fail to connect to a server:
One reason that a certificate may be signed by a CA not stored as a trusted CA is that the service has intentionally used a non-standard CA.
Another reason that a certificate may be signed by a CA not stored as a trusted CA is that an actor in between the client and the server is attempting to intercept network traffic. A man-in-the-middle attack. This could be malicious. Or, if you are in a corporate environment, simply to be expected.
This document discusses ways in which certificates can be managed.