I just noticed that I have more than a hundred installed certificates on a fresh installation of Ubuntu 18.04.
This command:
sudo ls /etc/ssl/certs
is yielding certificates with the names of Deutsche Telekom, Amazon, TurkTrust, Taiwan Security, TrustCor...
What are these certificates??
In order to use SSL/TLS, you need to have Certificate Authority Root Certificates. This is how your computer is able to see that an SSL certificate is truly valid. This is key to your system's security, SSL 'web of trust', and protecting your bank account credentials from nefarious actors.
Anybody can create an SSL certificate and sign it. They can do this for any domain. Certificate Authorities perform the role of ensuring that certificates are only created for domains owned by the requesting entity. Your computer will not accept a certificate for google.com unless it's signed by a trusted, Certificate Authority, not by someone generating a random certificate.
You have to start your trust somewhere. Most people allow their Operating System to determine the certificates, knowing that these certificates are being managed by smart people. In some circumstances, you may wish to strip out some of these certificates, but it's not likely this is a good idea for you right now.
Certificate Authorities should follow best practices, such as cold storage of their Root Certificate, which is used to create Intermediate Certificates. This means that the likelyhood of compromise of the Root Certificate is lessened, while allowing systems/people to use the Intermediate Certificate to generate certificates for customers, etc. This is important as it allows for long-term, established trust in the Root Certificates, while allowing a practical way of providing customers' certificates.
A similar question was asked, What is the use/purpose of the ca-certificates package?. Also, Let's Encrypt is a recent example of a company using a signed, Intermediate Certificate, soon (Apr 2019) to rely on their 'ISRG Root Certificate', which has been adopted by many major Operating Systems. Following the Let's Encrypt story might give you more insight and a practical example.
