Trust store-version

Hello TommyLars,

We appreciate you reaching out and posting in Apple Support Communities. For Trust Store trusted root certificates, we would use the list published by Apple. Is this something you have installed manually?

See Trust manually installed certificate profiles in iOS and iPadOS for details.

List of available trusted root certificates in iOS 15, iPadOS 15, macOS 12, tvOS 15, and watchOS 8

About trust and certificates

Each Trust Store contains three categories of certificates:

• Trusted certificates establish a chain of trust that verifies other certificates signed by the trusted roots — for example, to establish a secure connection to a web server. When IT administrators create Configuration Profiles, these trusted root certificates don't need to be included.

• Always Ask certificates are untrusted but not blocked. When one of these certificates is used, you'll be prompted to choose whether or not to trust it.

• Blocked certificates are believed to be compromised and will never be trusted.

Let us know more details if you still have questions.

Take care!

What Apple list? The current version for iOS 15.5 is 2022031500 asset version 17 and is the “official" version. The support documents don’t always keep up, and there are also older support documents that are not removed. Is the date of whatever source you are referencing later than March 15, 2022?

If Apple can verify it then it certainly wouldn’t be in this user-to-user forum where Apple doesn’t participate. Apple’s support knowledge base isn’t always up to date, and I’ve asked for this to be updated several times through channels. The closest that has been published is this→List of available trusted root certificates in iOS 15.1, iPadOS 15.1, macOS 12.1, tvOS 15.1, and watchOS 8.1 - Apple Support

But, as I posted above, If you have the latest iOS version (currently 15.5) then you have the correct trust store version, as the trust store file is part of iOS.

Perhaps an understanding of what the Trust Store is would help:

In simple terms, The Trust Store contains the digital signatures of issuers of the SSL certificates that are used to encrypt access to websites and email servers. There are billions of SSL certificates in use around the world. They are issued by a relatively small number of agencies and companies (Called Certificate Authorities, or CAs), who, as part of the process of issuing the certificate, verifies that the site is legitimate. When you visit a website the certificate from that site is sent to your browser. Your browser then verifies that the certificate was issued by one of the agencies whose signature is in the Trust Store. If the signature is not in the trust store you see a warning that the site may not be what it seems. The Trust Store is updated as part of an iOS update. It will change whenever the list of certificate authorities changes, which is very rare. The Trust Store version is actually the date and time the trust store contents were last updated. So, for example, version 2022031500 was last updated on March 15, 2022 at midnight.

The trust store version has absolutely nothing to do with security vulnerabilities. If you keep your Apple product updated to the latest version of MacOS or iOS it will be protected against all known vulnerabilities, despite whatever nonsense has been posted in the forum. 

==========================

Notices that your phone has been jailbroken (assuming it hasn’t) can be caused by using a VPN connection, and also some apps just aren’t good at checking device status.

If you have the latest iOS version (currently 15.5) then you have the correct trust store version, as the trust store file is part of iOS.

Perhaps an understanding of what the Trust Store is would help:

In simple terms, The Trust Store contains the digital signatures of issuers of the SSL certificates that are used to encrypt access to websites and email servers. There are billions of SSL certificates in use around the world. They are issued by a relatively small number of agencies and companies (Called Certificate Authorities, or CAs), who, as part of the process of issuing the certificate, verifies that the site is legitimate. When you visit a website the certificate from that site is sent to your browser. Your browser then verifies that the certificate was issued by one of the agencies whose signature is in the Trust Store. If the signature is not in the trust store you see a warning that the site may not be what it seems. The Trust Store is updated as part of an iOS update. It will change whenever the list of certificate authorities changes, which is very rare. The Trust Store version is actually the date and time the trust store contents were last updated. So, for example, version 2022012800 was last updated on January 28, 2022 at midnight.

The trust store version has absolutely nothing to do with security vulnerabilities. If you keep your Apple product updated to the latest version of MacOS or iOS it will be protected against all known vulnerabilities, despite whatever nonsense has been posted in the forum. 

If you have the latest iOS version (15.5) then you have the correct trust store version, as the trust store file is part of iOS.

TommyLars,

If you still have concerns about the Trust Store version listed on your iPhone, you'll want to reach out to Apple Support: Contact - Official Apple Support They'd be in the best position to assist further.

Take care.

The same trust store version is showing as TommyLars. It was there prior to the 15.5 iOS update. Nothing has been installed manually and as he stated it isn't listed as a trusted root certificate.

Does anyone have any additional insight? The iPhone has been experiencing a lot of popups, DoS's and unusual error codes (148, 209, 143, etc.).

I am puzzled why - If 2022031500 is the current trust store, Apple has absolutely no documentation or bulletin about it, neither is it listed as official anywhere.

i have apps refusing to install and open and shows a warning that my phone is rooted or jailbroken (though I’m sure I did not) - so I’m troubleshooting and found this.

can Apple verify the authenticity of this trust store?

See my post below.