Security News > 2022 > March > Russia creates its own TLS certificate authority to bypass sanctions

Russia creates its own TLS certificate authority to bypass sanctions
2022-03-10 16:06

Russia has created its own trusted TLS certificate authority to solve website access problems that have been piling up after sanctions prevent certificate renewals.

The sanctions imposed by western companies and governments are preventing Russian sites from renewing existing TLS certificates, causing browsers to block access to sites with expired certificates.

Signing authorities based on countries that have imposed sanctions on Russia can no longer accept payments for their services, leaving many sites with no practical means to renew expiring certificates.

The Russian state has envisioned a solution in a domestic certificate authority for the independent issuing and renewal of TLS certificates.

Users of other browsers like Chrome or Firefox can manually add the new Russian root certificate to continue using Russian sites that feature the state-issued certificate.

As Russia is not currently enjoying any level of trust, it is unlikely for the major browser vendors to add them to their root certificate stores.


News URL

https://www.bleepingcomputer.com/news/security/russia-creates-its-own-tls-certificate-authority-to-bypass-sanctions/