# TrustedForNTAuth

> The NTAuthStore contains the certificate of the Enterprise CA.

Applies to BloodHound Enterprise and CE

The consequence of this relationship is that certificates issued by the Enterprise CA are trusted for authentication in the AD forest of the NTAuthStore.

## Abuse Info

An attacker may perform several attacks that rely on an Enterprise CA being trusted, such as ESC1. This relationship alone is not enough to escalate rights or impersonate other principals. It may combine with other relationships and attributes, from which an escalation opportunity may emerge.

## Opsec Considerations

When an attacker abuses a privilege escalation or impersonation primitive that relies on this relationship, the abuse will necessarily result in the issuance of a certificate. A copy of the issued certificate will be saved on the host that issued the certificate.

## Edge Schema

Source: [EnterpriseCA](/resources/nodes/enterprise-ca)\
Destination: [NTAuthStore](/resources/nodes/nt-auth-store)\
Traversable: **No**

## References

This edge is related to the following MITRE ATT&CK tactic and techniques:

* [https://attack.mitre.org/techniques/T1649/](https://attack.mitre.org/techniques/T1649/)

### Abuse and Opsec references

* [https://specterops.io/wp-content/uploads/sites/3/2022/06/Certified\_Pre-Owned.pdf](https://specterops.io/wp-content/uploads/sites/3/2022/06/Certified_Pre-Owned.pdf)
* [https://learn.microsoft.com/en-us/windows-server/security/windows-authentication/credentials-processes-in-windows-authentication#BKMK\_CertificatesInWindowsAuthentication](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-crtd/ec71fd43-61c2-407b-83c9-b52272dec8a1)
* [https://www.pkisolutions.com/understanding-active-directory-certificate-services-containers-in-active-directory/](https://www.pkisolutions.com/understanding-active-directory-certificate-services-containers-in-active-directory/)
* [https://www.ravenswoodtechnology.com/components-of-a-pki-part-2/](https://www.ravenswoodtechnology.com/components-of-a-pki-part-2/)
