Thanks, the ACME protocol doesn’t provide a way for us to fetch root certificates automatically, so really we need to build an API for that and build it into Certify. There are some debatable security concerns around auto installing root certs. The workaround is for people to install the root certs manually.