Select a trust chain

The Root Selection trust chain options provide flexibility when managing your organization-validated (OV) and extended-validated (EV) certificates. To avoid selecting the trust chain for an RSA issuer separately from an ECDSA issuer, these pre-set issuer pairs (bundles) are available:

default
digicert-g1 (ECDSA: G1, RSA: G1)
digicert-g2-g3 (ECDSA: G3, RSA: G2)
digicert-g5 (ECDSA: TLS ECC G5, RSA: TLS RSA G5) For details on DigCert G5 root certificates, see DigiCert Trusted Toot Authority Certificates.

📘
Trust chain options
The default option is an Akamai-managed trust chain with a root certificate that Akamai controls. When selected, Akamai updates the trust chain at renewal, resulting in a change to the trust chain. If you don’t select a trust chain, or a trust chain wasn’t selected for your existing certificates, CPS uses the default option.

Use the Root Selection setting to configure the CPS trust chain and root certificate for OV and EV certificates. For details, see:

Create an extended-validated certificate
Create an organization-validated certificate

📘Trust chain options

📘
Trust chain options