AnsweredAssumed Answered

Why is CNNIC Root not distrusted?

Question asked by Richard Leung on Apr 20, 2017
Latest reply on Apr 22, 2017 by j-mailor

As SSL Labs stated earlier, WoSign and StartCom will no longer be trusted by mainstream browser, and way before that, CNNIC was dropped by Google, Mozilla, and Apple.

 

But today when I run a test on CNNIC's CT Log Server, just to see what's the current state of CNNIC's root certificate, I found that SSL Labs are still trusting this certification which is no longer accessible through Chrome.

Outcomes