This option allows the quick removal of all user-installed trusted credentials from the device, leaving only the system-installed certificates.
What the list of trusted credentials is for
Devices and browsers contain a pre-installed list of trusted certificate authorities, indicating which companies the device trusts to provide secure certificates for websites or other purposes.
In addition to the pre-installed trusted credentials, in some cases it is possible for you to add your own trusted authorities to your device, which will appear as user-installed trusted credentials. For example, your company might use its own secure certificates for its corporate network, and require you to install its trusted credentials on your device. These credentials may have been installed by software provided by your company.
This setting removes all user-installed trusted credentials from the device, but does not modify or remove any of the pre-installed credentials that came with the device.
You should not normally have reason to do this. Most users will not have any user-installed trusted credentials on their device.
Adding user-installed trusted credentials to your device allows the company in control of that credential the potential ability to impersonate any secure site on the web in the eyes of your device, bypassing HTTPS and TLS validation. Avoid adding trusted credentials unless they are from a company you trust and you understand the reason for adding them.
If this option is grayed out or disabled
This option may be grayed out (disabled) if you do not have any user-installed credentials.
The option is not intended for the removal of system-installed credentials, the mass removal of which may affect web access in general, and possibly impact the functionality of apps.
If you need to disable individual system-installed credentials, you may do so via the list on the main Trusted credentials menu.