Symantec Root Certificate Licensing and Use

Go through the following steps if you have bought Symantec Root Certificate under Root Certificate License Agreement, which is available free of charge.

Root Certificate can be downloaded under the terms of the Root Certificate License Agreement (PDF) at free of Charge and you are not required to sign the agreement to make use of the Root Certificates.

If your company policy requires a signed agreement, you can get it by emailing a signed copy to dl-tss-root@symantec.com along with the information requested in the agreement. You will receive a countersigned copy of your records.

DISCLAIMER: ROOT CERTIFICATES, AND ANY UPDATES, ARE PROVIDED “AS-IS” WITH NO WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION, ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT OF THIRD PARTY RIGHTS.


VeriSign Root Package

Download a root package for VeriSign Certificates (roots.zip file)


Root 1

VeriSign Class 3 Public Primary CA – G3
Description: This 2048 bit root CA is not used in present days and should be included in the root store. It is used for secure client certificates, but it is expected to be utilized in the future for SSL and Code Signing Service for certain applications.

Country = US
Organization = VeriSign, Inc.
Organizational Unit = VeriSign Trust Network
Organizational Unit = (c) 1999 VeriSign, Inc. – For authorized use only
Common Name = VeriSign Class 3 Public Primary Certification Authority – G3
Serial Number: 00 9b 7e 06 49 a3 3e 62 b9 d5 ee 90 48 71 29 ef 57
Valid From: Thursday, September 30, 1999 4:00:00 PM
Valid to: Wednesday, July 16, 2036 3:59:59 PM
Certificate SHA1 Fingerprint: 13 2d 0d 45 53 4b 69 97 cd b2 d5 c3 39 e2 55 76 60 9b 5c c6
File name in Root package: Class 3 Public Primary Certification Authority – G3

Test Site: httpss://ssltest3.bbtest.net

Download Root Now (Right Click, Save As)

Root 2
VeriSign Class 3 Public Primary CA – G4
Description: This Root is not used in present days and should be included in root store. It is an ECC (Eliptic Curve Cryptography) root that may be used in future to as the root of Trust for Class1, 2 and 3 certificates ECC certificates.

Country = US
Organization = VeriSign, Inc.
Organizational Unit = VeriSign Trust Network
Organizational Unit = (c) 2007 VeriSign, Inc. – For authorized use only
Common Name = VeriSign Class 3 Public Primary Certification Authority – G4
Serial Number: 2f 80 fe 23 8c 0e 22 0f 48 67 12 28 91 87 ac b3
Valid From: Sunday, November 04, 2007 4:00:00 PM
Valid to: Monday, January 18, 2038 3:59:59 PM
Certificate SHA1 Fingerprint: 22 d5 d8 df 8f 02 31 d1 8d f7 9d b7 cf 8a 2d 64 c9 3f 6c 3a
File name in root package: VeriSign Class 3 Public Primary Certification Authority – G4
Signature Algorithm: 1.2.840.10045.4.3.3 (ecdsaWithSHA384)

Download Root Now (Right Click, Save As)

Root 3
VeriSign Class 2 Public Primary CA – G3
Description:
 This root certificate extensively used presently to sign Class 2 client certificates which are issued through Symantec’s Managed PKI Service. It is also a 2048 bit and should be included in root stores and will be used in the future continue.

Country = US
Organization = VeriSign, Inc.
Organizational Unit = VeriSign Trust Network
Organizational Unit = (c) 1999 VeriSign, Inc. – For authorized use only
Common Name = VeriSign Class 2 Public Primary Certification Authority – G3
Serial Number: 61 70 cb 49 8c 5f 98 45 29 e7 b0 a6 d9 50 5b 7a
Valid From: Thursday, September 30, 1999 4:00:00 PM
Valid to: Wednesday, July 16, 2036 3:59:59 PM
Certificate SHA1 Fingerprint: 61 ef 43 d7 7f ca d4 61 51 bc 98 e0 c3 59 12 af 9f eb 63 11
File name in Root package: Class 2 Public Primary Certification Authority – G2

Download Root Now (Right Click, Save As)

Root 4
VeriSign Class 2 Public Primary CA – G2
Description: This root CA is used today to sign Class 2 client certificates issued through Symantec’s Managed PKI Service. This root may be used until 12/31/2013 when VeriSign completes its transition to using a 2048 bit root. This root should be included in root stores as it is a 2048 bit root that will continue to be used in the future. Vendors should not plan on removing support for this root until officially advised that the root is no longer needed to support certificates or CRL validation.

Country = US
Organization = VeriSign, Inc.
Organizational Unit = VeriSign Trust Network
Organizational Unit = (c) 1999 VeriSign, Inc. – For authorized use only
Common Name = VeriSign Class 2 Public Primary Certification Authority – G2
Serial Number: 00 b9 2f 60 cc 88 9f a1 7a 46 09 b8 5b 70 6c 8a af
Valid From: Sunday, May 17, 1998 5:00:00 PM
Valid to: Tuesday, August 01, 2028 4:59:59 PM
Certificate SHA1 Fingerprint: b3 ea c4 47 76 c9 c8 1c ea f2 9d 95 b6 cc a0 08 1b 67 ec 9d
File name in Root package: Class 2 Public Primary Certification Authority – G2

Download Root Now (Right Click, Save As)

Root 5
VeriSign Class 1 Public Primary CA
Description: This root CA is used nowadays to sign all Class 1e-mail certificates. This root was replaced by the VeriSign Class 1 Primary certification Authority – G3 during 2010, but should be included in root stores at least until January 1, 2013 to continue support certificates issued off this root as well as CRLs.

Country = US
Organization = VeriSign, Inc.
Organizational Unit = Class 1 Public Primary Certification Authority
Serial Number: 00 cd ba 7f 56 f0 df e4 bc 54 fe 22 ac b3 72 aa 55
Valid From: Sunday, January 28, 1996 5:00:00 PM
Valid to: Tuesday, Tuesday, August 01, 2028 4:59:59 PM
Certificate SHA1 Fingerprint: 90 ae a2 69 85 ff 14 80 4c 43 49 52 ec e9 60 84 77 af 55 6f
File name in Root package: Class 1 Public Primary Certification Authority

Download Root Now (Right Click, Save As)

Root 6
VeriSign Class 1 Public Primary CA – G3
Description:
 This Root CA must be included in root stores and currently used to sign all class 1e-mail certificate starting in Q4 2010.

Country = US
Organization = VeriSign, Inc.
Organizational Unit = Class 1 Public Primary Certification Authority – G3
Organizational Unit = (c) 1998 VeriSign, Inc. – For authorized use only
Organizational Unit = VeriSign Trust Network
Serial Number: 00 8b 5b 75 56 84 54 85 0b 00 cf af 38 48 ce b1 a4
Valid from: Thur September 30, 1999 5:00:00 PM
Valid to: Wed July 01, 2036 4:59:59 PM
Certificate SHA1 Fingerprint: 20 42 85 dc f7 eb 76 41 95 57 8e 13 6b d4 b7 d1 e9 8e 46 a5
File name in Root package: Class 1 Public Primary Certification Authority

Download Root Now (Right Click, Save As)

Root 7
VeriSign Universal Root CA
Description: While this root is not being used today for Symantec’s commercial certificate offerings, This SHA-256 root will be used in the future to as the root of Trust for Class1, 2 and 3 certificates SHA-256 certificates and should be included in root stores.

Country = US
Organization = VeriSign, Inc.
Organizational Unit = VeriSign Trust Network
Organizational Unit = (c) 2008 VeriSign, Inc. – For authorized use only
Common Name = VeriSign Universal Root Certification Authority
Serial Number: 40 1a c4 64 21 b3 13 21 03 0e bb e4 12 1a c5 1d
Valid From: Tuesday, April 01, 2008 4:00:00 PM
Valid to: Tuesday, December 01, 2037 3:59:59 PM
Certificate SHA1 Fingerprint: 36 79 ca 35 66 87 72 30 4d 30 a5 fb 87 3b 0f a7 7b b7 0d 54
File name in Root package: VeriSign Universal Root Certification Authority
Key Size: RSA(2048Bits)
Signature Algorithm: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)

Test Site: httpss://ssltest26.bbtest.net

Download Root Now (Right Click, Save As)

Root 8
Symantec Class 1 Public Primary Certification Authority – G6
Description:
 This root is used for is the SHA2 version of the older VeriSign Class 1 Root. This root is now provided to meet NIST requirements.

Organization = Symantec Corporation
Organizational Unit = Class Symantec Trust Network
Serial Number: 24 32 75 f2 1d 2f d2 09 33 f7 b4 6a ca d0 f3 98
Valid From: Monday, October 17, 2011 5:00:00 PM
Valid to: Tuesday, December 01, 2037 4:59:59 PM
Certificate SHA1 Thumbprint: 51 7f 61 1e 29 91 6b 53 82 fb 72 e7 44 d9 8d c3 cc 53 6d 64
Key Size: RSA(2048 Bits)
Signature Algorithm: sha2RSA
File name in Root package: Class 1 Public Primary Certification Authority – G6

Download Root Now (Right Click, Save As)

Root 9
Symantec Class 2 Public Primary Certification Authority – G6
Description:
 This root is used for is the SHA2 version of the older VeriSign Class 2 Root. This root is now provided to meet NIST requirements.

Organization = Symantec Corporation
Organizational Unit = Class Symantec Trust Network
Serial Number: 64 82 9e fc 37 1e 74 5d fc 97 ff 97 c8 b1 ff 41
Valid From: Monday, October 17, 2011 5:00:00 PM
Valid to: Tuesday, December 01, 2037 4:59:59 PM
Certificate SHA1 Thumbprint: 40 b3 31 a0 e9 bf e8 55 bc 39 93 ca 70 4f 4e c2 51 d4 1d 8f
Key Size: RSA(2048 Bits)
Signature Algorithm: sha2RSA
File name in Root package: Class 2 Public Primary Certification Authority – G6

Download Root Now (Right Click, Save As)

Retired Roots
The following roots have been retired and need no longer be distributed by vendors

VeriSign Class 1 Public Primary CA – G2
Country = US
Organization = VeriSign, Inc.
Organizational Unit = Class 1 Public Primary Certification Authority – G2
Organizational Unit = (c) 1998 VeriSign, Inc. – For authorized use only
Organizational Unit = VeriSign Trust Network
Serial Number: 4c c7 ea aa 98 3e 71 d3 93 10 f8 3d 3a 89 91 92
Operational Period: Mon May 18, 1998 to Tue August 01, 2028
Certificate SHA1 Fingerprint: 273e e124 57fd c4f9 0c55 e82b 5616 7f62 f532 e547

VeriSign Class 2 Public Primary CA
Country = US
Organization = VeriSign, Inc.
Organizational Unit = Class 2 Public Primary Certification Authority
Serial Number: 2d 1b fc 4a 17 8d a3 91 eb e7 ff f5 8b 45 be 0b
Operational Period: Mon Jan 29, 1996 to Tue Aug 01, 2028
Certificate SHA1 Fingerprint: 6782 aae0 edee e21a 5839 d3c0 cd14 680a 4f60 142a

VeriSign Class 4 Public Primary CA – G2
Country = US
Organization = VeriSign, Inc.
Organizational Unit = Class 4 Public Primary Certification Authority – G2
Organizational Unit = (c) 1998 VeriSign, Inc. – For authorized use only
Organizational Unit = VeriSign Trust Network
Serial Number: 32 88 8e 9a d2 f5 eb 13 47 f8 7f c4 20 37 25 f8
Operational Period: Sun May 17, 1998 to Tue Aug 1, 2028
Certificate SHA1 Fingerprint: 0b 77 be bb cb 7a a2 47 05 de cc 0f bd 6a 02 fc 7a bd 9b 52

RSA Secure Server Certification Authority
Country = US
Organization = RSA Data Security, Inc.
Organizational Unit = Secure Server Certification Authority
Serial Number: 02 ad 66 7e 4e 45 fe 5e 57 6f 3c 98 19 5e dd c0
Operational Period: Wed Nov 9, 1994 to Thu Jan 7, 2010
Certificate SHA1 Fingerprint: 4463 c531 d7cc c100 6794 612b b656 d3bf 8257 846f

 

Pin It on Pinterest

Shares
Share This