@Volker, yes there is an OS certificate store. (See: http://msdn.microsoft.com/en-us/library/windows/hardware/ff548653%28v=vs.85%29.aspx )
MobiLink clients (SQL Anywhere and UltraLite) do currently support this feature:
"For Windows and Windows Mobile, if no trusted certificates are specified, the client loads the certificates from the operating system's trusted certificate store. This certificate store is used by web browsers when they connect to secure web servers via HTTPS."
SQL Anywhere HTTPS web clients currently do not:
"Your web client application must have access to the server certificate or the certificate that signed the server certificate to issue a secure HTTPS request. The certificate is required for the client procedure in order to authenticate the server to prevent man-in-the-middle exploits.
Use the CERTIFICATE clause of the CREATE PROCEDURE and CREATE FUNCTION statements to authenticate the server and establish a secure data channel. You can either place the certificate in a file and provide the file name, or provide the entire certificate as a string value; you cannot do both."
In summary, neither the "ENC=" SQL Anywhere client TLS connection mechanism, nor the SQL Anywhere database server HTTPS web services client mechanism can currently take advantage of the Windows OS certificate store for client requests. I have also noticed that "xp_startsmtp" also currently cannot take advantage of this certificate store.
I have opened enhancement requests #704014 (HTTPS web service client requests) / #704015 (encrypted dblib clients) / #714322 (SMTP client for "xp_startsmtp") for this feature (being able to use the Microsoft OS certificate store for "trusted_certificates") to be considered in a future release. Thank you for the enhancement request.