long-time, stable and credible organisations who have long term relationships with the browser vendors (such as Microsoft, Apple and Google) will have their own Trusted Root Certificate Authority (CA) certificate already present in browsers. A browser must contain this CA Certificate in its “Trusted Root Library” in order to “trust” certificates signed by the CA’s private key. These SSL certificates are known as “single root” certificates.
Some Certificate Authorities (CAs) do not have a Trusted Root CA certificate present in browsers, and therefore need to “chain” their roots for their certificates to be trusted by browsers. A CA with a Trusted Root CA certificate issues a certificate to the third-party certificate provider which then “inherits” the browser recognition of the Trusted Root CA and are known as “chained root” SSL certificates.