{"id":"acm-private-ca-not-trusted-by-default","text":"Certificates signed by AWS Private CA are not publicly trusted by default — administrators must install them in client trust stores.","truth_value":"IN","source":"entries/2026/03/08/acm-getting-started.md","source_url":"","source_hash":"6861e8d35289c8fe","justifications":[],"dependents":[],"metadata":{},"explanation":{"steps":[{"node":"acm-private-ca-not-trusted-by-default","truth_value":"IN","reason":"premise"}]}}