Most browsers and clients that use secure channels have an integrated list of certification bodies. When a page or service is signed by one of these entities, its authenticity and security is automatically recognized. However, as there is a cost associated with the maintenance of these certificates, the IST IT Services Department maintains, at the same time, its own certification authority, which can sign certificates that are requested.
Thus, some IST pages or personal email addresses are signed by the DSI services themselves. In order for this signature to be automatically recognized by browsers and clients, it is necessary to import the IST root certificate and add it to the list of recognized certification bodies.
If this import is not carried out, each time a page signed by the IST is accessed, the browser warns that the certifying entity is unknown, asking the user to confirm that they really want to access the page, although it is not possible to recognize its authenticity.