1. Symantec/
  2. VeriSign CAs and RAs within the VeriSign Trust Network (VTN)

VeriSign-branded CAs and RAs within the Symantec Trust Network (STN)

Revised September 4, 2015

The following table summarizes the functions of the subscriber certificate-issuing Certification Authorities operated by Symantec within the STN. This document also lists the entities responsible for the Registration Authority function for such Certification Authorities.
Symantec Trust Network (STN)
Type CA Name CA Description Registration Authorities
STN Root CAs Generation 1 (G1)
VeriSign Class 1 PCA
VeriSign Class 2 PCA
VeriSign Class 3 PCA
VeriSign Class 4 PCA
First generation of VeriSign-branded Root certification authorities which issue certificates to Subordinate CAs within the STN Symantec
Generation 2 (G2)
VeriSign Class 1 PCA – G2
VeriSign Class 2 PCA – G2
VeriSign Class 3 PCA – G2
VeriSign Class 4 PCA – G2
Second generation of VeriSign-branded Root certification authorities which issue certificates to Subordinate CAs within the STN Symantec
Generation 3 (G3)
VeriSign Class 1 PCA – G3
VeriSign Class 2 PCA – G3
VeriSign Class 3 PCA – G3
VeriSign Class 4 PCA – G3
Third generation of VeriSign-branded Root certification authorities which issue certificates to Subordinate CAs within the STN Symantec
Generation 4 (G4)
VeriSign Class 3 PCA – G4
Fourth generation of VeriSign-branded Root certification authorities which issue certificates to Subordinate CAs within the STN Symantec
Generation 5 (G5)
VeriSign Class 3 PCA – G5
Fifth generation of VeriSign-branded Root certification authorities which issue certificates to Subordinate CAs within the STN Symantec
Universal Root
VeriSign Universal Root CA
Sixth generation of VeriSign-branded Root certification authorities which issue certificates to Subordinate CAs within the STN Symantec
Class 3 Organizational CAs VeriSign Class 3 Extended Validation SSL CA Issues EV SSL certificates Symantec, Managed PKI for SSL Customers and STN Affiliates
VeriSign Class 3 Extended Validation 1024-bit SSL SGC CA Issues EV SSL certificates Symantec and STN Affiliates
VeriSign Class 3 Extended Validation SSL SGC CA Issues EV SSL SGC certificates Symantec, Managed PKI for SSL (Premium Edition) Customers and STN Affiliates
VeriSign International Server CA Class 3 Issues Global Server SGC certificates Symantec, Managed PKI for SSL (Premium Edition) Customers and STN Affiliates
VeriSign Class 3 Secure Server 1024-bit CA G2 Issues Secure Server certificates Symantec and STN Affiliates
VeriSign Class 3 Secure Server CA - G2 Issues Secure Server certificates Symantec, Managed PKI for SSL Customers and STN Affiliates
VeriSign Class 3 Secure OFX CA - G3 Issues OFX certificates Symantec
VeriSign Class 3 WLAN Secure Server CA Issues wireless secure server certs supporting the PEAP protocol Symantec
VeriSign Class 3 Secure Intranet Server CA Signs certificates to be used on secure intranet servers Symantec
VeriSign Class 3 Organizational CA Issues S/MIME certs Symantec
VeriSign Class 3 SSP CA Issues Non Federal SSP CAs Symantec
VeriSign Class 3 Code Signing 2009 CA Issues code signing and object signing certificates for use with Netscape browsers, Microsoft Internet Explorer browsers, Microsoft Office, Sun Java Signing, Macromedia, and Marimba Symantec
Class 2 Enterprise CAs VeriSign Class 2 MPKI Individual Subscriber CA - G2 Issues certificates to the subscribers of Managed PKI Lite customers Managed PKI Customer
VeriSign Class 2 SSP CA Issues Non Federal SSP CAs Symantec
Managed PKI Full Public Customer-Specific CAs Customer-specific CAs that chain to the VeriSign-branded Class 2 PCA Managed PKI Customer
Class 1 Enterprise CAs VeriSign Class 1 Individual Subscriber CA - G2 Issues Class 1 certificates to individuals Symantec
VeriSign Class 1 SSP CA Issues Non Federal SSP CAs Symantec
Legacy CAs RSA Secure Server CA Legacy issuer of Secure Server certificates; also a Root CA Symantec, Managed PKI for SSL Customers and STN Affiliates
VeriSign Class 3 Secure Server CA Legacy issuer of Secure Server certificates Symantec, Managed PKI for SSL Customers and STN Affiliates
VeriSign Class 3 Secure Server 1024-bit CA Legacy issuer of Secure Server certificates Symantec and STN Affiliates
VeriSign Class 3 Code Signing 2001 CA Legacy issuer of Code Signing certificates Symantec
VeriSign Class 3 Code Signing 2004 CA Legacy issuer of Code Signing certificates Symantec
Class 3 Open Financial Exchange CA - G2 Legacy issuer OFX certificates Symantec
VeriSign Class 1 CA Individual Subscriber-Personal Not Validated Legacy issuer of Class 1 certificates to individuals Symantec
VeriSign Class 2 OnSite Individual CA Legacy issuer of certificates to the subscribers of Managed PKI Lite customers Managed PKI Customer
Although Symantec#s Authenticated Code Signing (ACS) products do not utilize CAs that chain up to STN root CAs, they are included among the various types of infrastructure CAs covered in Symantec's Certification Practices Statement (CPS). There are two types of ACS CAs operated by Symantec, as described in the table below.
Symantec's Authenticated Code Signing (ACS) CAs
Type CA Name CA Description Registration Authorities
Authenticated Code Signing (ACS) CAs Authenticated Code Signing Root CAs Customer-specific root CAs, operated by Symantec, which issue certificates to Subordinate ACS CAs Symantec
Authenticated Code Signing Subordinate CAs Customer-specific CAs, operated by Symantec, which issue ACS end-entity certificates to organizations Symantec

CONTACT US

    Worldwide Headquarters
    650-426-3400
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube