Except things like browsers (e.g. Firefox, Chrome) or python that ship their own root CA trust store.
