Certificate Authority (CA) for SSL Certificates has a very domineering role to play when it comes to validating a site and for gaining trust of people. Browser root ubiquity is another important requirement when it comes to deciding on a Certificate Authority. Many CAs are found to claim 99% of browser ubiquity. But it really does not mean that certificates will get activated without triggering a security warning. Some new Certificate Authorities are found not to have roots included in root store of browsers. This remains an issue if the browser in use is an old one. But it is not the case if the server in use has a Verisign-SSL-Certificate as it is considered a standard and is valid globally.
Users can trust a SSL if the encryption protection is trusted and proven. This happens if the private key and root infrastructure are not compromised upon. SSL given by an independent party has to validate that the requestor has the right to hold the certificate. This is just in case of an independent CA. Specifically the person should hold a direct right to the domain or is an authorized member of the domain. Trustworthiness of SSL certificate is dependent on the strength of authentication performed.
While releasing a new browser, sometimes CA roots are left out. This leads to occurrence of error messages and so domain booking sites need to be closed down by the user. The termination of a session leads to lost sale opportunities and creates dissatisfaction among the customers. Nowadays, even prominent companies are found to experience this type of error on their websites. Error messages are also received when users visit an old version of browser. Under such circumstances, users receive messages indicating that the certification is not valid or trusted.